The list of rules for the system connection filter. If none are specified, all connections are accepted.
The syntax of the rules is as follows:
<ulist>
Each rule must be written on a single line in the source code.
Tokens in a rule are separated by white space.
A pound sign (#) is the comment character. Everything after a pound sign on a line is ignored.
Whitespace before or after a rule is ignored.
Lines consisting only of whitespace or comments are skipped.
All rules have the following format:
targetlocalAddresslocalPortactionprotocols
where
target specifies one or more servers to filter.
localAddress defines the host address of the server. (If you specify an asterisk (*), the match returns all local IP addresses.)
localPort defines the port on which the server is listening. (If you specify an asterisk, the match returna all available ports on the server).
action specifies the action to perform. The value must be allow or deny).
protocols is the list of protocol names to match. (One of the following protocols must be specified http, https, t3, t3s, giop, giops, dcom, or ftp.) If no protocol is defined, all protocols will match a rule.
Two kinds of rules are recognized:
When a client connects to WebLogic Server, these rules are evaluated in the order in which they were written. The first rule to match determines how the connection is treated. If no rules match, the connection is permitted.
If you want to further protect your server and only allow connections from certain addresses, you can specify 0.0.0.0/0 denyas your last rule.
|