## Controlling AFS Access using IP Addresses.
A common mistake is to put the IP address directly on a directory's ACL. As is explained in this [thread](https://lists.openafs.org/pipermail/openafs-info/2002-February/003292.html), that doesn't work. You need to create a group and put the IP addresses in there.
The user should be warned that IP addresses can be spoofed relatively easily.
See also [http://www.transarc.ibm.com/Support/afs/admin/IP\_acls.html](http://www.transarc.ibm.com/Support/afs/admin/IP_acls.html)
-- [[TedAnderson]] - 07 Feb 2002