ProxySG Content Policy Language Guide

client.address=

Tests the IP address of the client. The expression can include an IP address or subnet or the label of a subnet definition block.

Important: If a user is explicitly proxied to the ProxySG, <Proxy> layer policy applies even if the URL destination is an administrative URL for the ProxySG itself, and should therefore also be covered under <Admin> layer policy. However, when the client.address= trigger is used in an <Admin> layer, clients explicitly proxied to the ProxySG appear to have their client IP address set to the IP address of the ProxySG.

Replaces: client_address=, acl=

Syntax

client.address=ip_addresssubnet_label

where:

ip_address—Client IP address or subnet specification; for example, 10.25.198.0/24.

subnet_label—Label of a subnet definition block that binds a number of IP addresses or subnets.

Layer and Transaction Notes

Can be used in all layers.

Unavailable if the transaction is not associated with a client.

Examples

;Blacklisted workstation. client.address=10.25.198.0 deny

;This example uses the client address to select the authentication realm for

;administration of the ProxySG.

<admin>

client.address=10.25.198.0/24 authenticate(LDAPRealm) client.address=10.25.199.0/24 authenticate(NTLMRealm) authenticate(LocalRealm) ; Everyone else

See Also

Conditions: client.protocol=, proxy.address=, proxy.card=, proxy.port=

Definitions: define subnet

60

Page 59 Page 61
Page 60
Image 60
Blue Coat Systems Proxy SG manual Client.address=
Page 59 Page 61
Top Page Image Contents