48.5.2.2.2. Access Control
Option fields also allow administrators to explicitly allow or deny hosts in a single rule by adding the
allow or deny directive as the final option.
For example, the following two rules allow SSH connections from
client-1.example.com, but deny connections from client-2.example.com:
sshd : client-1.example.com : allow sshd : client-2.example.com : deny
By allowing access control on a per-rule basis, the option field allows administrators to consolidate all access rules into a single file: either
hosts.allow or hosts.deny. Some administrators consider this an easier way of organizing access rules.
