How to Use IP Constraints
IP constraints can be set at different points in ADOIT. They need to use the following pattern:
An IP constraint consists of a comma separated list of rules.
A rule consists of an optional keyword ('allow' or 'deny') followed by a white space, and a CIDR range, IP address or address with wild card * (e.g. 192.168.*). The keyword "all" can be used to match all addresses.
If rules are present, but no match is made, the default setting is "deny". If no rules are present, the default setting is "allow".
The first matching rule decides. E.g. when you formulate a constraint like "allow 192.*, deny 192.168.0.1", the 'deny' rule would have no effect, as that address matches the 'allow' rule already.
Deny all IP addresses starting with 192., deny the IP address 126.96.36.199, allow all other IP addresses:
deny 192.*,deny 188.8.131.52,allow all
Allow all IP addresses starting with 178. except 184.108.40.206, deny all other IP addresses:
deny 220.127.116.11,allow 178.*