Host-Based Access Rules

The view policy includes host-based access rules, which you can use to restrict which NFS client hosts can access the views that use the policy you are configuring, and to specify which type of access to allow from each host IP.

The default configuration gives all hosts read/write access and root squashing. The root squash policy is relevant only for NFSv3 clients.

The rules are:

  • Read/Write and Read Only.

    By default, all hosts have read/write access. You have the option to restrict access by specifying sets of hosts with each type of access. Any hosts that are not specified for either read/write or read-only access cannot access the view.

    The Read/Write type of rules lets you specify a deny rule, that is, a rule that denies read/write access from an IP, a range of IPs, or a subnet. To create a deny rule, prepend the IP(s) with a tilde, for example: ~192.0.2.0.

  • No Squash. All operations are supported. Use this option if you trust the root user not to perform operations that will corrupt data.

    This option is not relevant for clients using NFSv4.1 with Kerberos, since Active Directory does not include the 'root' user principal by default and since the handling of credentials for the user with UID 0 depends on configuration of the rpc.gssd service.

  • Root Squash. The root user is mapped to nobody for all file and folder management operations on the export. This lets you prevent the most privileged user, root, from corrupting all user data on the VAST Cluster.

    This option is not relevant for clients using NFSv4.1 with Kerberos, since Active Directory does not include the 'root' user principal by default and since the handling of credentials for the user with UID 0 depends on configuration of the rpc.gssd service.

  • All Squash. All client users are mapped to nobody for all file and folder management operations on the export.

  • Trash Access. This option is available only when trash folder access is enabled for the cluster.

    You can configure host-based access rules for clients accessing the trash folder via NFSv3 and NFSv4. S3 access to the trash folder is not affected by host-based access rules.

Hosts can be entered as IP addresses, FQDNs and netgroups. For detailed guidance, see Creating View Policies.
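
To review a policy before applying it, the rules above can be modelled offline. The following is an added example, not VAST code: the dictionary keys and sample addresses are constructed, only IP and CIDR entries are handled (no FQDNs or netgroups), and it assumes that a tilde entry overrides any matching read/write entry, which this page does not state.

```python
import ipaddress

# Constructed sample policy. Key names are hypothetical, not VAST field names.
POLICY = {
    "read_write": ["192.0.2.0/24", "~192.0.2.50"],  # '~' marks a deny rule
    "read_only": ["198.51.100.7"],
    "no_squash": ["192.0.2.10"],
    "root_squash": ["192.0.2.128/25", "198.51.100.7"],
    "all_squash": [],
}

def match(entries, ip):
    """Return (allowed, denied) for ip against a list of IP/CIDR entries."""
    allowed = denied = False
    for entry in entries:
        is_deny = entry.startswith("~")
        net = ipaddress.ip_network(entry.lstrip("~"), strict=False)
        if ip in net:
            denied = denied or is_deny
            allowed = allowed or not is_deny
    return allowed, denied

def effective_access(policy, client):
    """Model the access type and squash lists that apply to one client IP."""
    ip = ipaddress.ip_address(client)
    rw_allowed, rw_denied = match(policy["read_write"], ip)
    ro_allowed, _ = match(policy["read_only"], ip)
    # Assumption: a deny entry overrides any read/write entry that also matches.
    if rw_allowed and not rw_denied:
        access = "rw"
    elif ro_allowed:
        access = "ro"
    else:
        access = "none"  # in neither list: the host cannot access the view
    squash = [mode for mode in ("no_squash", "root_squash", "all_squash")
              if match(policy[mode], ip)[0]]
    return access, squash

def unsquashed_writers(policy, clients):
    """Clients that combine read/write access with No Squash (root is trusted)."""
    return [c for c in clients
            if effective_access(policy, c)[0] == "rw"
            and "no_squash" in effective_access(policy, c)[1]]

if __name__ == "__main__":
    for host in ("192.0.2.10", "192.0.2.50", "192.0.2.200",
                 "198.51.100.7", "203.0.113.5"):
        print(host, *effective_access(POLICY, host))
```

Hosts returned by unsquashed_writers are the ones whose root user is fully trusted with write access, so they are the entries to review first.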