Limiting by Source Address

The following are example access lists:

Under Access List Definition:
eng src 129.144.118.0/255.255.255.0
sales src 129.144.130.0/255.255.255.0
division src 129.144.0.0/255.255.0.0

The preceding access lists might be used as follows:

Under Client Access Control:
allow eng sales
deny division

The preceding entries specify that machines on the subnets 129.144.118.0 and 129.144.130.0 are allowed HTTP access to the Netra Proxy Cache Server, while machines in the division list are excluded.

You might want to restrict Inter Cache Protocol (ICP) access to a server to only those machines. This is illustrated in the following example:

Under Access List Definition:
arrayhosts src 129.144.107.1/255.255.255.255 129.144.107.2/255.255.255.255 \
129.144.107.3/255.255.255.255 127.0.0.1/255.255.255.255 
all src 0.0.0.0/0.0.0.0

The list arrayhosts includes the host addresses of all machines in a Netra Proxy Cache Array. The list might be used as follows:

Under Access to Cache via ICP:
allow arrayhosts
deny all

The preceding entries specify that only the array machines are allowed ICP access to the Netra Proxy Cache Server, while all other machines are excluded.