17.10 - Understanding Interactions Between Primary and Secondary Masked IPs - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Published
July 2021
Language
English (United States)
Last Update
2022-02-15
dita:mapPath
ppz1593203596223.ditamap
dita:ditavalPath
wrg1590696035526.ditaval
dita:id
zuy1472246340572

An IP filter can contain both an allow and a deny element, although it is not required. The interaction between the two element types (and their masks) depends on the type of filter they inhabit. The filter type determines which element the system processes first (the primary), as shown in Working with the Effects of Filter Type on allow and deny Elements. The primary element determines the basic rules by which the filter operates. The secondary element defines the exceptions to those rules.

The examples that follow show the interaction between allow and deny elements.

These examples are for a restrictive filter. Masking principles for a permissive filter are similar, but the filter tests allow and deny elements in the opposite order.