Epiphan Pearl User Manual

Pearl User Guide

User administration

Allow List with a Range of IP Addresses, Distinct IP Addresses, and an Exception

Building on the previous examples, consider the situation where you want the CEO’s computers
(192.168.1.50, 192.168.1.51, 192.168.75) and all boardroom computers (192.168.1.200-192.168.1.250)
to access the broadcast, with the exception of the public boardroom computer (192.168.1.211). Use both
allow and deny lists to create the rule as follows:

Allow: 192.168.1.200-192.168.1.250, 192.168.1.50-192.168.1.51, 192.168.1.75

Deny: 192.168.1.211

Both lists can have multiple ranges and multiple distinct IP addresses, provided they are separated by
commas.

Deny List with a Range of IP Addresses

Converse to the previous examples, consider the situation where you want every computer on the network to
access the broadcast, with the exception of the CEO’s desktop, laptop, and tablet computers. Additionally,
boardroom computers should not be permitted with the exception of the cafeteria computer (IP address
192.168.1.222).

The deny list is an "exception" list for the allow list. So to craft the rule described above we need to allow all the
computers in the local subnet, then deny specific sub-ranges including two groups of boardroom computers
ensuring the cafeteria computer's IP address is not in the deny list:

Allow: 192.168.1.1-192.168.1.250

Deny: 192.168.1.200-192.168.1.221, 192.168.1.223-192.168.1.250, 192.168.1.50-192.168.1.51,
192.168.1.75

35