When an IP filter encounters an incoming IP address during a logon, it uses the following process to determine whether or not the IP address is allowed access to Teradata Database.
- Convert the specified IP in the primary element, for example, the allow element IP 126.96.36.199 in a restrictive filter, to a binary string:
- Convert the primary element mask, for example 255.255.255.0, to a binary string.
- AND the binary string representing the allow element IP with the mask, to obtain the allow result (shown in bold):
10001101.11001110.00100011.00000000 11111111.11111111.11111111.00000000 ___________________________________ 10001101.11001110.00100011.00000000
- Examine the incoming IP address and convert it to binary format. For example, convert the incoming IP address 188.8.131.52 to the following binary string:
- AND the binary incoming IP address with the allow element mask to obtain the incoming IP result (shown in bold):
10001101.11001110.00100011.00111110 11111111.11111111.11111111.00000000 ___________________________________ 10001101.11001110.00100011.00000000
- Compare the binary incoming IP result with the allow element IP result (for this example, they are equal).
A filter has an effect on an incoming logon only if both of the following are true:
- The incoming IP result matches the allow result.
- The username in the logon appears in the appliesto element of the filter.