How To Use Database Vault Rules To Filter The Incoming IP Accesses With a 'BETWEEN' Range (Doc ID 1930754.1)

Last updated on MAY 27, 2015

Applies to:

Oracle Database - Enterprise Edition - Version 11.2.0.3 and later
Information in this document applies to any platform.

Goal

If you need to restrict (or allow) a certain range of IP addresses using BETWEEN, beware the order in which character strings are ordered do not follow that of IP addresses as you may expect for example:

 

After we apply the rule which has the expression DVF.F$CLIENT_IP BETWEEN ''10.100.111.1'' AND ''10.100.111.10'' *), the sessions from the specified ip are still not able to connect to the db. However the expression "between and" is also been used in other ip address, and it works.


*) In the example the IP address range was changed to a non-routable address range.

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms