Applies To:

Show Versions Show Versions

Archived Manual Chapter: 3-DNS Reference Guide v3.0: Access Control Lists
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

This article has been archived, and is no longer maintained.



2

Access Control Lists



With access control lists (ACLs), you can block probing for members of the ACL when you use dynamic RTT probing on your 3-DNS Controller. Table 2.1 lists the ACL types and describes their functions.

Access control list types and descriptions
ACL Type Description
Prober Prober ACLs limit round-trip time probes.
Hops Hops ACLs limit traceroute probes.
Discovery Discovery ACLs limit port discovery probes.

To define ACLs using the Configuration utility

  1. In the navigation pane, click System.
    The System - General screen opens.
  2. On the toolbar, click ACL.
    The ACL Configuration screen opens.
  3. Add the settings for the ACLs you want to create, and click Update. For more information on this screen, click Help on the toolbar.

To define ACLs using the command line

Tip: When you create ACLs by manually editing the wideip.conf file, we strongly recommend that you put the ACLs in a separate include file.

  1. If one does not already exist, create a file called region.ACL in the /var/3dns/include directory. You must add the include file at the beginning of the wideip.conf file.
  2. Add the file to /etc/wideip.conf by typing, at the command line:

    include "region.ACL"

  3. The ACLs you can create are probe_acl, hops_acl, and discovery_acl. Figure 2.1 is an example the syntax for a region.ACL file with definitions for the three ACL types.

Figure 2.1 Sample region.ACL file

 actions {     
NO_RELAY
delete rdb ACL region "probe_acl"
delete rdb ACL region "hops_acl"
delete rdb ACL region "discovery_acl"
}
region_db ACL {
region {
name "probe_acl"
region "probe_acl"
192.168.4.0/24
}
region {
name "hops_acl"
192.168.2.0/16
}
region {
name "discovery_acl"
192.168.11.11/32
192.168.4.0/24
}
}
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)