You use the <ipaddrlist> tag to specify the source IP addresses and TCP ports that you want the network filter. Its syntax is:
<ipaddrlist type="stringListType"> <element value="IPfilter"/> </ipaddrlist>
Where <element value="IPfilter"/> represents a combination of IP addresses and port numbers.
When specifying IP addresses and port numbers, the IPfilter syntax comprises the following elements:
Specifies a single pre-filter, comprising an address range and, optionally, a port range. It takes this format (note the colon separator):
IPrange[":"PortRange]
For details on specifying a range of IP addresses or ports (that is, IPrange and PortRange), see below. Note also:
Specifies one of the following: a single address; a hyphen-separated address range; or a masked address range. It takes this format:
IPaddress["-"IPaddress|"/"Mask]
Specifies up to four address octets. If less than four octets are specified, an address mask is implied—see the previous section. It takes this format:
Address *3["."Address]
Specifies an IPv6 address in colon-separated format as eight 16-bit words in hexadecimal. Two or more consecutive 16-bit words may be represented by a double colon. If you specify a port number or port range in a filter, enclose the IPv6 addresses in brackets, for example:
[fe80::]-[fe81::]:137-139
Specifies a single address octet. This can be any value from 0 to 255.
Defines a subnet mask of up to 32 bits. This can be any value from 0 to 32.
The mask specifies the number of most significant bits used when matching IP addresses to the filter address range. Address bits outside the mask are ignored and, for matching purposes, can be any combination of ones and zeros.
Specifies a port or a hyphen-separated port range. It takes this format:
Port["-"Port]
Specifies a port number. This can be any value from 0 to 65535.
|
Copyright © 2014 CA.
All rights reserved.
|
|