directive
The directive option determines how the target is compared to the source and/or the destination address that is being evaluated. The following directives can be used:
MATCH | Applies to destination addresses. If the address that is being evaluated matches the target, then the address is immediately selected to be used and evaluation stops. If the target is not matched, evaluation continues with the next entry. |
ONLY | Applies to destination addresses. If the address that is being evaluated does not match the target, it is not used and evaluation stops for this address. If this was the only potential destination, the connection is not attempted. If there is an additional potential destination, it is evaluated starting over with the first entry. |
PROHIBITED | The target applies to both source and destination addresses. If a source is specified, it is ignored and the target is prohibited. If the matched address is a destination address, evaluation stops. If this was the only potential destination, the connection is not attempted. If there are additional potential destinations, they are evaluated starting over with the first entry. If the matched address is a source address, it is removed from the binding list. However, if source entries exist, the shortened binding list may not be used. (See source[/subnet].) Caution: On some platforms, prohibiting a local interface may cause unexpected results when connecting to remote hosts. Prohibiting a local interface does not affect connections that are internal to the host. |