On Oct 22, 2019, at 9:40 AM, Alexander Bokovoy <abokovoy@redhat.com> wrote: Since IP addresses are practically spoofable or NATable, they don't make a good source of policy decision.