Access Lists
ClawNex provides IP and domain deny lists for network-level access control, managed from the Access Lists panel in the DEFENSE group.
Available Lists
- IP deny list — block traffic from specific IP addresses
- Domain deny list — block traffic to/from specific domains
Managing Entries
Entries can be added and removed from the dashboard or via the MCP manage_access tool. Each change is logged in the audit trail with a reason.
Adding an entry
- Navigate to Access Lists in the sidebar
- Select the list type (IP or Domain)
- Click Add
- Enter the value and a reason for the change
- Click Save
Removing an entry
- Find the entry in the list
- Click Remove
- Confirm the removal
Enterprise Features
The following capabilities are badged as Enterprise:
| Feature | Description |
|---|---|
| User access control lists | Define user-level access restrictions |
| Network allow lists | Restrict access to a defined set of allowed IPs (allow mode instead of deny mode) |
API and MCP Access
Access lists can also be managed programmatically:
- MCP tool:
manage_access— add or remove entries withaction,list_type,entry_type,value, andreasonparameters - REST API: Internal API endpoints for list management (session-authenticated when RBAC is enabled)