Canon VB101 User Manual page 26

Detail Settings
Differences in Access Control by Application
When Users are Restricted
Client Type
Web browser Administrator and registered users
WebView Java Viewer Administrator and registered users
WebView Helper Viewer
(use The Administrator Viewer)
FTP client System administrator only
When Hosts are Restricted
Client Type
Web browser Authorized hosts only
WebView Java Viewer Authorized hosts only
WebView Helper Viewer Authorized hosts only
FTP client
Authorized/Limited Host List Descriptions
The Host Restriction function applies to hosts running client applications such as viewer. Access
restrictions are imposed using a list made up of one or more entries written using the format
described below.
Listing Format
[!]addr[/mask] (items in square brackets are optional)
"addr" and "mask" are written in standard IP address format and specify the range of IP
addresses.
Let host IP address is A, if the value of A masked by "mask" in the bit pattern matches the
"addr" value, this indicates that A belongs to addr/mask.
When you provide a host IP address A and want to determine whether access is authorized or
denied for that host, the entries to which A belongs are searched from the top of the list. If the
retrieve entry begins with an exclamation mark (!), access is prohibited. If not, access is permitted.
Redundant or contradictory entries included in the list are deleted. The order in which the list
is displayed can be altered so that it begins with specific entries or so that generic entries are
displayed from the end.
If the given address does not belong to any of the entries, access is authorized.
50
Permissible Users
Administrator
Permissible Hosts
N/A
Listing Guidelines
Descriptions in the Authorized/Limited Host List are extremely complex, and errors in the settings
can result in access being prohibited where it should be permitted. To avoid this, follow the
guidelines given below with great care.
1.Left-align the mask
172.20.0.0/255.255.0.0 -- Correct
172.0.28.0/255.0.255.0 -- Incorrect
2.Use prohibited entries mainly rather than permitted entries.
!172.20.26.0/255.255.255.0
!172.20.28.0/255.255.255.0
3.Make permitted entries subsets of prohibited entries.
172.20.26.0/255.255.255.0
172.20.28.0/255.255.255.0
!172.20.0.0/255.255.0.0
4.List specific entries before generic entries.
Not like this:
!172.20.0.0/255.255.0.0
172.20.28.0/255.255.255.0
Like this:
172.20.28.0/255.255.255.0
!172.20.0.0/255.255.0.0
5.Avoid dangerous settings.
0.0.0.0/255.255.255.255
10.0.0.0/0.0.0.0
Such specification are not prohibited, but will effectively prohibit access from all hosts. Avoid
entry !0.0.0.0/0.0.0.0 in particular wherever possible.
c
The default value for "mask" is 255.255.255.255.
If you do not make a list, access is permitted to all hosts.
Note
If the list provided prohibits access for all hosts, the Host Limiting function
is disabled and access is permitted to all hosts.
If you set the host limitations incorrectly, access to the settings page itself
may be prohibited. In this event, the problem can only be recovered by
restoring the factory default settings.
Detail Settings
3
51