select * from section<?xml version='1.0' encoding='iso-8859-1' ?>
<article>
<id><![CDATA[32]]>></id>
<author><nick><![CDATA[Juan M. Casillas]]>></nick>
<email><![CDATA[juanm.casillas@jmcresearch.com]]>></email>
></author>
<title><![CDATA[Connection filter]]>></title>
<subtitle><![CDATA[Internal overview]]>></subtitle>
<body><![CDATA[&lt;h3&gt;Connection filter&lt;/h3&gt;

&lt;p&gt;
Load Balancer has a feature that allows to configure from
what ip addresses the connection are allowed or not. This
is useful, for example, to give restrict access to a 
developement site.
&lt;/p&gt;

&lt;p&gt;
The configuration directive for this feature is &lt;tt&gt;&lt;b&gt;allowfrom&lt;/b&gt;&lt;/tt&gt;
Under this tag, you can add filters that matches the ip addresses that 
will be accepted. You can use regular expressions inside the rules
&lt;/p&gt;

The configuration parameters for this tag are:
&lt;table border=1 width=100% cellpadding=5 class=thinborder&gt;

&lt;tr bgcolor=&quot;#f0f0f0&quot;&gt;
&lt;td class=thinborder_title&gt;&lt;b&gt;Option&lt;/b&gt;&lt;/td&gt;
&lt;td class=thinborder_title width=70%&gt;&lt;b&gt;Description&lt;/b&gt;&lt;/td&gt;&lt;/tr&gt;

&lt;tr&gt;&lt;td&gt;allowfrom&lt;/td&gt;
&lt;td&gt;
&lt;p&gt;
This is the configuration directive. Under this, there are 
rules that allows the connection for specific servers.

&lt;p&gt;
&lt;b&gt;Configuration options&lt;/b&gt;&lt;br&gt;
&lt;ul&gt;
&lt;li&gt;&lt;b&gt;enabled&lt;/b&gt;: This property allows the system to enable
                    (value yes) or disable (value no) the 
                    Connection filter feature.
&lt;/ul&gt;
&lt;b&gt;Rules&lt;/b&gt;&lt;br&gt;
&lt;ul&gt;
&lt;li&gt;&lt;b&gt;ip&lt;/b&gt;: You can have a variable number of &lt;tt&gt;ip&lt;/tt&gt;
               rules inside a allowfrom tag. This rules 
               defines what ips can connect with the load
               balancer. You can use regular expressions to
               match a range of addresses. If the client ip
               is not mached by any of the ip rules, the 
               connection is refused. Note also that the
               matching is done in the same order that the
               rules are inserted in the configuration 
               file; until the ip is matched or all the 
               rules are tested.
&lt;/ul&gt;
&lt;/p&gt;
&lt;br&gt;
&lt;/td&gt;&lt;/tr&gt;
&lt;/table&gt;
&lt;/p&gt; 

&lt;h3&gt;Allowfrom Sample&lt;/h3&gt;

&lt;pre&gt;
  &amp;lt;allowfrom enabled=&quot;no&quot;&amp;gt;
        &amp;lt;ip&amp;gt;192\.167\.*&amp;lt;/ip&amp;gt;
        &amp;lt;ip&amp;gt;127\.0\.0\.1&amp;lt;/ip&amp;gt;
        &amp;lt;ip&amp;gt;172\.16\.*&amp;lt;/ip&amp;gt;
  &amp;lt;/allowfrom&amp;gt;

&lt;/pre&gt;
]]>></body>
<keywords><![CDATA[load balancer  connection filter]]>></keywords>
<stamp><![CDATA[1063914370]]>></stamp>
<updated><![CDATA[1070911507]]>></updated>
<language><![CDATA[0]]>></language>
<sections><section><![CDATA[Load Balancer]]></section>
></sections>
<site><![CDATA[http://www.jmcresearch.com]]>></site>
<url><![CDATA[http://www.jmcresearch.com//src/articlehelper.php?action=preview&amp;id=32]]>></url>
</article>