HBA is another way to restrict undesirable access to Cargador facilities.
HBA is a list of entries. Each entry has the following format:
<host>
<from type="ipmask" /> — IP mask of the form <B1.B2.B3.B4/masked>
<access type="string"> — access type. Possible values are
deny, plain, ssl, any (*)
</host>
If HBA list is empty, access will be implicitly granted;
When HBA list is not empty, IP address of incoming peer will be consecutively compared to the mask set in from field. If IP address matches connection will be either accepted or denied based on access parameter;
If IP address does not match any HBA entries, access will be implicitly denied.