Syntax for Browser Address Lists
You can enter an IP address, such as 130.164.140.12, or a domain name, such as www.ni.com, in the Browser Access List.
Use the * wildcard to specify a group of browser addresses. For example, you can specify all browsers within the domain domain.com with the entry *.domain.com. You can specify all browsers in the subnet whose first two octets are 130.164 with the entry 130.164.*. You can only use the * wildcard at the beginning of a domain name or at the end of an IP address.
The permission for an entry later in the Browser Access List overrides previous permissions. You can click and drag an entry in the list to change the order.
For example, if you deny access to all browser addresses ending in *.test.site.com, but after that entry you give a.test.site.com and b.test.site.com access, those two browsers still have access, because the entries later in the list override the first entry.
In general, you should use the * wildcard to set up general allowances or denials, and follow those entries with more specific entries that reverse part of the previous permission. For best performance, place the most frequently matched entries toward the bottom of the list.
The following example illustrates how to use the * wildcard correctly.
Access List Entry | Permission Status | |
---|---|---|
* | Allows access to all browser addresses. | |
*.site.com | Allows access to all browser addresses ending with .site.com. | |
X | public.site.com | Denies access to this browser address even though previous entry allows access. |
X | *.test.site.com | Denies access to any browser address ending with .test.site.com. |
a.test.site.com | Allows access to this browser address even though previous entry denies access. | |
X | 130.164.123.* | Denies access to all browser addresses whose IP addresses begin with 130.164.123. |
130.164.123.123 | Allows access to this browser address even though previous entry denies access. |