Allow and Deny list handling

Content Platform Tenant Management Help

Version
9.7.x
File Size
4269 KB
Audience
anonymous
Part Number
MK-95HCPH002-19

IP addresses can be included in neither, one, or both of the Allow and Deny lists for REST, the S3 compatible API, WebDAV, CIFS, and SMTP. They can be included or not included in the Allow list for the NFS protocol. The way HCP handles allowed and denied IP addresses differs depending on the protocol.

Allow and Deny list handling for REST, the S3 compatible API, and WebDAV

For HTTP and WebDAV, you can choose how HCP handles Allow and Deny list entries by selecting or deselecting Allow request when same IP is used in both lists in the HTTP(S) panel. The table below describes the effects of selecting or deselecting this option. Either action takes effect immediately.

Allow requests when same IP is used in both lists
List entries Selected Not selected

Allow list: empty

Deny list: empty

All IP addresses can access the namespace through REST, the S3 compatible API, and WebDAV. No IP addresses can access the namespace through REST, the S3 compatible API, or WebDAV.

Allow list: at least one entry

Deny list: empty

All IP addresses can access the namespace through REST, the S3 compatible API, and WebDAV. Only IP addresses in the Allow list can access the namespace through REST and WebDAV.

Allow list: empty

Deny list: at least one entry

All IP addresses not in the Deny list can access the namespace through REST, the S3 compatible API, and WebDAV. IP addresses in the Deny list cannot. No IP addresses can access the namespace through REST, the S3 compatible API, or WebDAV.

Allow list: at least one entry

Deny list: at least one entry

IP addresses appearing in both or neither of the lists can access the namespace through REST, the S3 compatible API, and WebDAV. Only IP addresses appearing in the Allow list and not in the Deny list can access the namespace through REST, the S3 compatible API, or WebDAV.

Allow and Deny list handling for CIFS

For CIFS, HCP handles Allow and Deny list entries as described in the table below.

List entries Effect

Allow list: empty

Deny list: empty

All IP addresses can access the namespace through the CIFS protocol.

Allow list: at least one entry

Deny list: empty

Only IP addresses in the Allow list can access the namespace through the CIFS protocol.

Allow list: empty

Deny list: at least one entry

All IP addresses that are not in the Deny list can access the namespace through the CIFS protocol. IP addresses in the Deny list cannot.

Allow list: at least one entry

Deny list: at least one entry

IP addresses that appearing in the Allow list and the Deny list cannot access the namespace through the CIFS protocol.

Allow list handling for NFS

For NFS, if the Allow list in the NFS panel includes one or more IP addresses, those addresses have access to the namespace through NFS and all others don’t. If the list is empty, all IP addresses can access the namespace through NFS.

Allow and Deny list handling for SMTP

For SMTP, HCP handles Allow and Deny list entries as described in the table below.

List entries Effect

Allow list: empty

Deny list: empty

All IP addresses can access the namespace through the SMTP protocol.

Allow list: at least one entry

Deny list: empty

Only IP addresses in the Allow list can access the namespace through the SMTP protocol.

Allow list: empty

Deny list: at least one entry

No IP addresses can access the namespace through the SMTP protocol.

Allow list: at least one entry

Deny list: at least one entry

Only IP addresses appearing in the Allow list and not in the Deny list can access the namespace through the SMTP protocol.