/** * @return true if access for the candidate address should be permitted, false if access should be * denied. * @throws RuntimeException if no rule covers the candidate address. This would be the case if * this class is applied to some network protocol other than ipv4 or ipv6, without adding a * default rule for it. */ public boolean permitAccess(byte[] addr) { ensureAclsUptodate(); for (int i = 0; i < aclEntries.size(); i++) { if (((AclEntry) aclEntries.get(i)).matches(addr)) { AclEntry hit = (AclEntry) aclEntries.get(i); println( "Addr '" + ServerAcl.dottedNotation(addr) + "' matched rule #" + (i + 1) + ": " + hit); return hit.allow; } } throw new RuntimeException("No rule matches address '" + ServerAcl.dottedNotation(addr) + "'"); }