14.2.2.ACL Definition/Removal

ACL's can be managed from the administration web interface using the following steps.

  • From Admin UI main menu open "System Admin" node.

  • Go to Security -> Access Control

  • By default three default ACLs are listed:

    HTTP - rules for the Web server
    NEWS - rules for the Internet News
    PROXY - rules for the Web Proxy Server
    PSH and PSH-SSL - available only when the pubsubhub_dav.vad is installed.

    Figure14.13.Access Control

    Access Control

  • New ACLs can be added by entering a list name and clicking "Add" button.

  • Existing ACLs can be edited by clicking on the link "Edit" beside each listed ACL.

  • To add new rules, enter the requested information and press button "Add".

  • To change the order of the rules use the "top", "bottom", "up" and "down" links.

  • ACL's can be removed using the Delete button.

Alternately the HTTP_ACL table can be directly manipulated with SQL. To add new rule:

INSERT INTO HTTP_ACL (HA_LIST, HA_ORDER, HA_CLIENT_IP, HA_RATE, HA_FLAG) values
('list_name', <order number>, '*pattern*', <hits_per_second_number>, [1/0]);

To remove existing rule:

DELETE from HTTP_ACL where HA_LIST = 'list_name' and HA_ORDER = <order number>
and HA_FLAG = [1/0] and HA_CLIENT_IP = '*pattern*';