Manuals / Apple / Kitchen Appliance / Frozen Dessert Maker

Apple 034-2351_Cvr manual Creating an Advanced IP Filter for UDP Ports

Models: 034-2351_Cvr

1 97

Download 97 pages 56.32 Kb

Page 52

52

To create an IP filter for TCP ports:

1In Server Admin, choose Firewall from the Computers & Services list.

2Click Settings.

3Select the Advanced tab.

4Click the New button.

Alternatively, you can select a rule similar to the one you want to create, and click Duplicate then Edit.

5Select whether this filter will allow or deny access in the Action pop-up menu.

6Choose TCP from the Protocol pop-up menu.

7Choose a TCP service from the pop-up menu.

If you want to select a nonstandard service port, choose Other.

8If desired, choose to log packets that match the filter.

9Enter the Source IP address range you want to filter.

If you want it to apply to any address, choose Any from the pop-up menu.

If you have selected a nonstandard service port, enter the source port number.

10Enter the Destination IP address range you want to filter.

If you want it to apply to any address, choose Any from the pop-up menu.

If you have selected a nonstandard service port, enter the source port number.

11Choose which network interface this filter applies to.

12Click OK.

13Click Save to apply the filter immediately.

Creating an Advanced IP Filter for UDP Ports

You can use the Advanced Settings pane to configure very specific filters for UDP ports. Many services use User Datagram Protocol (UDP) to communicate with the server. By default, all UDP connections are allowed. You should apply filters to UDP ports sparingly, if at all, because “deny” filters could create severe congestion in your server traffic.

If you filter UDP ports, don’t select the “Log all allowed packets” option in the filter configuration windows in Server Admin. Since UDP is a “connectionless” protocol, every packet to a UDP port will be logged if you select this option.

You should also allow UDP port access for specific services, including:

•DNS

•DHCP

•SLP

•Windows Name Service browsing

Chapter 3 IP Firewall Service

Image 52

Apple 034-2351_Cvr manual Creating an Advanced IP Filter for UDP Ports, To create an IP filter for TCP ports

Contents

Mac OS X Server Network Services Administration For Version 10.3 or Later2003 Apple Computer, Inc. All rights reserved Apple Computer, Inc034-2351/9-20-03 Contents How to Use This GuideUsing This Guide Setting Up Mac OS X Server for the First TimeNAT Service Configuring NAT ServiceMonitoring NAT Service VPN ServiceHow to Use This Guide Using This GuideWhat’s Included in This Guide PrefaceGetting Help for Everyday Management Tasks Setting Up Mac OS X Server for the First TimeGetting Additional Information DHCP Service Before You Set Up DHCP ServiceUsing Static IP Addresses Creating SubnetsAssigning IP Addresses Dynamically Locating the DHCP ServerSetting Up DHCP Service for the First Time Using Multiple DHCP Servers on a NetworkInteracting With Other DHCP Servers Assigning Reserved IP AddressesManaging DHCP Service Starting and Stopping DHCP ServiceCreating Subnets in DHCP Service Step 2 Set up logs for DHCP serviceChanging Subnet Settings in DHCP Service To change subnet settingsDeleting Subnets From DHCP Service Setting the DNS Server for a DHCP SubnetChanging IP Address Lease Times for a Subnet To delete subnets or address rangesSetting WINS Options for a Subnet Setting LDAP Options for a SubnetTo set LDAP options for a subnet Monitoring DHCP Service To disable a subnetDisabling Subnets Temporarily Viewing the DHCP Status OverviewSetting the Log Detail Level for DHCP Service To set up the log detail levelViewing DHCP Log Entries Viewing the DHCP Client ListWhere to Find More Information DNS Service Before You Set Up DNS Service Setting Up DNS Service for the First TimeSetting Up Multiple Name Servers DNS and BINDStep 2 Learn and plan Step 3 Configure basic DNS settings Step 6 Set up a mail exchange MX record optionalStep 8 Start DNS service Step 4 Create a DNS ZoneManaging DNS Service Starting and Stopping DNS ServiceTo start or stop DNS service To enable or disable zone transferTo enable or disable recursion Managing ZonesAdding a Master Zone MasterTo add a master zone Adding a Slave ZoneTo add a slave zone Adding a Forward Zone Duplicating a ZoneTo add a forward zone To duplicate a zoneManaging Records Modifying a ZoneDeleting a Zone To modify a zoneAdding a Record to a Zone To add a recordModifying a Record in a Zone Deleting a Record From a ZoneTo modify a record To delete a recordViewing DNS Service Status Viewing DNS Service ActivityTo view DNS service status To view DNS service activityChanging DNS Log File Location Viewing DNS Usage StatisticsTo change the log detail level To change the log detail levelSecuring the DNS Server DNS SpoofingServer Mining To see DNS usage statisticsDNS Service Profiling Denial-of-ServiceDoSTo specify zone transfer IP addresses To alter BIND’s version responseoptions Service Piggybackingallow-recursion 127.0.0.0/8 Setting Up MX Records To enable MX records Configuring DNS for Mail ServiceEnabling Redundant Mail Servers Setting Up Namespace Behind a NAT Router To enable backup or redundant mail serversSetting Up a Private TCP/IP Network Network Load Distribution aka Round RobinConfiguring BIND Using the Command Line What Is BIND?BIND Configuration File BIND on Mac OS X ServerPractical Example Zone Data FilesTo set up the sample files Setting Up Sample Configuration FilesConfiguring Clients Using DNS With Dynamically Assigned IP Addresses Check Your ConfigurationRequest For Comment Documents Where to Find More InformationPage IP Firewall Service Chapter 3 IP Firewall Service What is a Filter? Understanding Firewall FiltersIP Address Subnet MaskChapter 3 IP Firewall Service Number of addressesCIDR Corresponds to NetmaskUsing Address Ranges Rule Mechanism and PrecedenceMultiple IP Addresses SampleSetting Up Firewall Service for the First Time Step 2 Start firewall serviceStep 1 Learn and plan Step 4 Add filters to the IP filter listManaging Firewall Service Starting and Stopping Firewall ServiceOpening the Firewall for Standard Services Step 5 Save firewall service changesCreating an Address Group To open the firewall for standard servicesTo create an address group Editing or Deleting an Address Group Duplicating an Address GroupCreating an Advanced IP Filter for TCP ports To edit or delete an address groupCreating an Advanced IP Filter for UDP Ports To create an IP filter for TCP portsTo create an IP filter for UDP ports Changing the Default Filter To change the Default settingEditing Advanced IP Filters To edit advanced IP filtersMonitoring Firewall Service Setting Up Logs for Firewall ServiceTo set up logs To view the log for firewall serviceViewing Denied Packets Viewing Packets Logged by Filter RulesLog Example To view denied packetsBlock Access to Internet Users Practical ExamplesBlock Junk Mail To do thisTo do this Allow a Customer to Access the Apple File ServerTo do this To prevent ping denial-of-serviceattacks Preventing Denial-of-ServiceDoS AttacksControlling or Enabling Peer-to-PeerNetwork Usage Controlling or Enabling Network Game Usage Advanced ConfigurationBackground Precautions Creating IP Filter Rules Using ipfwReviewing IP Filter Rules Creating IP Filter RulesChapter 3 IP Firewall Service Rule numberPort Reference Deleting IP Filter RulesChapter 3 IP Firewall Service TCP portUsed for ReferenceChapter 3 IP Firewall Service TCP portUsed for ReferenceFor more information about ipfw Where to Find More InformationRequest For Comment Documents man ipfwStarting and Stopping NAT Service NAT ServiceTo start NAT service Configuring NAT Service Monitoring NAT ServiceTo configure NAT service Viewing the NAT Status OverviewTo view the NAT divert log For more information about natdWhere to Find More Information Request For Comment DocumentsPage VPN Service Authentication Method VPN and SecurityTransport Protocols Point to Point Tunneling Protocol PPTPBefore You Set Up VPN Service Managing VPN ServiceStarting or Stopping VPN Service Enabling and Configuring L2TP Transport ProtocolTo enable L2TP Enabling and Configuring PPTP Transport ProtocolTo enable PPTP To configure addition network settings Configuring VPN Network Routing DefinitionsTo set routing definitions Monitoring VPN Service Setting the Log Detail Level for VPN ServiceSetting the VPN Log Archive Interval To set up the log archive intervalViewing the VPN Log Viewing VPN Client ConnectionsTo view the log To view client connectionsPage NTP Service How NTP WorksSetting Up NTP Service Using NTP on Your NetworkTo set up NTP service Configuring NTP on Clients To configure NTP on clientsWhere to Find More Information Request For Comment DocumentsPage IPv6 Support IPv6 Enabled Services IPv6 Addresses in the Server AdminIPv6 Addresses NotationIPv6 Addressing Model IPv6 Reserved AddressesIPv6 Address Types Where to Find More Information Request For Comment DocumentsGlossary GlossaryGlossary LDAP Lightweight Directory Access Protocol A standard client-serverprotocol for accessing a directory domain name server See DNS Domain Name System search path See search policy UCE unsolicited commercial email See spam Page Page Index IndexIndex Index