Define a named access control list. An ACL is a
list of network addresses in CIDR notation. Once defined, the ACL can
be used in Service statements to limit access to resources
(see ACL reference).
The statement has two forms: immediate and file reference ACL. In
immediate form, the CIDR list follows the ACL line and
is terminated with an End directive on a line by itself. Each
non-empty line contains a CIDR enclosed in double quotes. Comments
and Include statements (see File inclusion) are allowed.
For example:
    ACL "secure"
        "192.0.2.0/26"
        "203.0.113.0/24"
    End
The syntax of a named file reference ACL is:
    ACL "name" -file "filename"
or
    ACL "name" -filewatch "filename"
If filename is relative, it is looked up in the include directory.
The syntax of the file is similar to that described above, except that
CIDRs need not be quoted and Include statements are not
allowed. The form with -file reads the file contents once, at
program startup. The one with -filewatch reads it and then
monitors that file for changes. See File-based Conditions for a
detailed discussion.
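
Because a -filewatch ACL file is re-read whenever it changes, it is worth checking the file before saving it in place. The following is an added example, not part of the program or its documentation: a Python check of an ACL file's contents against the rules above. The sample data and the names lint_acl_file and matches are constructed for illustration. It assumes "#" starts a comment and that keywords are case-insensitive, and the warnings about host bits and a zero-length prefix are this example's own policy, not errors the program reports.

```python
import ipaddress

# Constructed sample of a file referenced by: ACL "secure" -filewatch "secure.acl"
SAMPLE = """\
# office ranges ('#' comment syntax is an assumption)
192.0.2.0/26
"203.0.113.0/24"
203.0.113.77/24
Include "more.acl"
0.0.0.0/0
198.51.100.0/33
"""

def lint_acl_file(text):
    """Return (networks, problems) for the contents of an ACL file."""
    networks, problems = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if line.split()[0].lower() == "include":
            problems.append((lineno, "Include is not allowed in an ACL file"))
            continue
        if len(line) >= 2 and line[0] == line[-1] == '"':
            line = line[1:-1]  # quotes are optional in the file form
        try:
            net = ipaddress.ip_network(line, strict=False)
        except ValueError:
            problems.append((lineno, f"not a valid CIDR: {line!r}"))
            continue
        if net.prefixlen == 0:
            # Example policy: a /0 entry makes the ACL match everything.
            problems.append((lineno, f"{net} matches every address"))
        elif ipaddress.ip_interface(line).ip != net.network_address:
            # Example policy: host bits usually indicate a typo in the prefix.
            problems.append((lineno, f"host bits set in {line}; read as {net}"))
        networks.append(net)
    return networks, problems

def matches(addr, networks):
    """True if addr falls inside any of the parsed networks."""
    ip = ipaddress.ip_address(addr)
    return any(ip.version == n.version and ip in n for n in networks)

if __name__ == "__main__":
    for lineno, msg in lint_acl_file(SAMPLE)[1]:
        print(f"line {lineno}: {msg}")
```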