Oracle can restrict which IP addresses are allowed to connect to the database. (Database triggers can also be used to record user logons, but they cannot record users with DBA privileges.) You simply set a list of allowed IP addresses and a list of prohibited IP addresses. Before Oracle9i this was done by adding or modifying the protocol.ora file; in 9i and later versions the file that takes effect is sqlnet.ora. Modifying sqlnet.ora is the best and fastest way.
Functions of the sqlnet.ora file:
1. Specify the client domain to append to unqualified names
2. Prioritize naming methods
3. Enable logging and tracing features
4. Route connections through specific processes
5. Configure parameters for external naming
6. Configure Oracle Advanced Security
7. Use protocol-specific parameters to restrict access to the database
I use the 7th function here.
Add the following content to sqlnet.ora:
-----------------------------
tcp.validnode_checking = yes
# IP addresses allowed for access
tcp.invited_nodes = (ip1, ip2, ...)
# IP addresses that are not allowed to access
tcp.excluded_nodes = (ip1, ip2, ...)
Then restart the listener.
E.g.:
# sqlnet.ora Network Configuration File: E:\oracle\product\10.2.0\db_3\network\admin\sqlnet.ora
# Generated by Oracle configuration tools.
# This file is actually generated by netca. But if customers choose to
# install "Software Only", this file wont exist and without the native
# authentication, they will not be able to connect to the database on NT.
SQLNET.AUTHENTICATION_SERVICES = (NTS)
NAMES.DIRECTORY_PATH = (TNSNAMES, EZCONNECT)
# Skate modify
tcp.validnode_checking = yes
tcp.invited_nodes = (192.168.0.103)
tcp.excluded_nodes = (192.168.0.10)
Notes:
1. tcp.validnode_checking must be set to YES for the check to be activated.
2. It is recommended to set the list of allowed IP addresses, because client IP addresses can be changed at will, in which case an exclusion list no longer serves its purpose.
3. When the same address appears in both TCP.INVITED_NODES and TCP.EXCLUDED_NODES, TCP.INVITED_NODES overrides the TCP.EXCLUDED_NODES setting.
4. The listener must be restarted for the change to take effect.
5. This method is only applicable to the TCP protocol.
6. This configuration applies to 9i and later versions. In versions earlier than 9i, use the protocol.ora file.
7. Connecting to the database directly on the server is not affected.
8. This restriction is enforced by the listener.
9. This restriction only checks IP addresses; it cannot check user names.
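The rules in notes 1 to 3 can be checked against a sqlnet.ora before the listener is restarted. The following Python sketch is an added example, not Oracle code or part of the original post; the function names are hypothetical, it handles only single-line parameters with literal IP addresses, and it assumes that once an invited list is set every address not on it is rejected.

```python
import re

# Constructed sample: the tcp.* lines from the example file above.
SAMPLE = """\
# skate modify
tcp.validnode_checking = yes
tcp.invited_nodes = (192.168.0.103)
tcp.excluded_nodes = (192.168.0.10)
"""

def parse_sqlnet(text):
    """Return {lowercased parameter: [values]} for NAME = (a, b) or NAME = v lines."""
    params = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()          # drop comments
        m = re.match(r"([\w.]+)\s*=\s*\(?([^()]*)\)?\s*$", line)
        if m:
            values = [v.strip() for v in m.group(2).split(",") if v.strip()]
            params[m.group(1).lower()] = values
    return params

def checking_on(params):
    return [v.lower() for v in params.get("tcp.validnode_checking", [])] == ["yes"]

def is_allowed(params, client_ip):
    """Decide whether client_ip passes the node check (literal match only)."""
    if not checking_on(params):
        return True                  # note 1: lists are ignored unless set to yes
    invited = params.get("tcp.invited_nodes", [])
    excluded = params.get("tcp.excluded_nodes", [])
    if client_ip in invited:
        return True                  # note 3: invited overrides excluded
    if invited:
        return False                 # assumption: an invited list rejects all others
    return client_ip not in excluded

def audit(params):
    """Return findings for the settings the notes warn about."""
    findings = []
    invited = params.get("tcp.invited_nodes")
    if (invited or params.get("tcp.excluded_nodes")) and not checking_on(params):
        findings.append("node lists present but tcp.validnode_checking is not yes")
    if checking_on(params) and not invited:
        findings.append("no tcp.invited_nodes: only an exclusion list is enforced")
    return findings
```

Calling `is_allowed(parse_sqlnet(SAMPLE), "192.168.0.50")` shows the effect of an invited list on an address that appears in neither list.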