are responsible for handling all interaction with the clients, including accepting the connections, reading requests, and sending responses. ds-cfg-connection-handler top Indicates whether the is enabled. ds-cfg-enabled Specifies the fully-qualified name of the Java class that provides the implementation. org.opends.server.api.ConnectionHandler ds-cfg-java-class Specifies a set of host names or address masks that determine the clients that are allowed to establish connections to this connection handler. Valid values include a host name, a fully qualified domain name, a domain name, an IP address, or a subnetwork with subnetwork mask. Changes to this configuration attribute take effect immediately and do not interfere with connections that may have already been established. All clients with addresses that do not match an address on the deny list are allowed. If there is no deny list, then all clients are allowed. ds-cfg-allowed-client Specifies a set of host names or address masks that determine the clients that are not allowed to establish connections to this connection handler. Valid values include a host name, a fully qualified domain name, a domain name, an IP address, or a subnetwork with subnetwork mask. If both allowed and denied client masks are defined and a client connection matches one or more masks in both lists, then the connection is denied. If only a denied list is specified, then any client not matching a mask in that list is allowed. Changes to this configuration attribute take effect immediately and do not interfere with connections that may have already been established. If an allow list is specified, then only clients with addresses on the allow list are allowed. Otherwise, all clients are allowed. ds-cfg-denied-client