CHAPTER 5: Configuration
71
The IP Security conguration menus include "hosts.allow" and "hosts.deny" client
lists. When setting up IP Security, you must enter IP addresses for hosts that you
wish to allow in the Allow list, and addresses for hosts that you wish to deny in the
Deny list. Since Linux operators, wild cards and net/mask pairs are allowed, these
lists can indicate specic addresses, or a range of addresses to be allowed or denied.
When the IP Security feature is properly enabled, and a client attempts to connect,
the Outlet Managed PDU will perform the following checks:
1. If the client’s IP address is found in the "hosts.allow" list, the client will be
granted immediate access. Once an IP address is found in the Allow list, the
Outlet Managed PDU will not check the Deny list, and will assume you wish
to allow that address to connect.
2. If the client’s IP address is not found in the Allow list, the Outlet Managed
PDU will then proceed to check the Deny list.
3. If the client’s IP Address is found in the Deny list, the client will not be
allowed to connect.
4. If the client’s IP Address is not found in the Deny list, the client will be
allowed to connect, even if the address was not found in the Allow list.
Notes:
• If the Outlet Managed PDU finds an IP Address in the Allow list, it
will not check the Deny list, and will allow the client to connect.
• If both the Allow and Deny lists are left blank, then the IP Security
feature will be disabled, and all IP Addresses will be allowed to
connect (providing that the proper password and/or SSH key is
supplied.)
• When the Allow and Deny lists are defined, the user is only
allowed to specify the Client List; the Daemon List and Shell
Command cannot be defined.