powered by Jive Software

Whitelist BlackList security conflicts?

Hi there,

Is there a possibility for conflicts between the whitelists and blacklists?

Are IP addresses in the server configuration in the blacklist examined before the whitelist?

Can the following scenario happen where I want to make an exception of my own IP address:

allow IP

deny IP 192.168.1.*

if the blacklist is fired first then there is a conflict with what was intended by the whitelist.

In the scenario where you want to allow all IP addresses in a specific range except a single IP:

allow IP 192.168.1.*

deny IP

and if the whitelist is checked first, then the intended blacklist is not upheld.

If a whitelist is only used, then I presume only those IP addresses have access.

What happens if you have some whitelist IP addresses and some blacklist IP addresses? That is, what happens to packets that don’t match either the whitelist or blacklist? Are they dropped or accepted by default?