Manuals / Apple / Kitchen Appliance / Frozen Dessert Maker

Apple 034-2351_Cvr manual To create an IP filter for UDP ports

Models: 034-2351_Cvr

1 97

Download 97 pages 56.32 Kb

Page 53

•Remote Desktop

•NFS

•NetInfo

UDP ports above 1023 are allocated dynamically by certain services, so their exact port numbers may not be determined in advance.

Addresses can be listed as individual addresses (192.168.2.2) or IP address and CIDR netmask (192.168.2.0/24).

To easily configure UDP access for these ports, see “Opening the Firewall for Standard Services” on page 49. If you need more advanced firewall settings for these basic UDP services, use the following instructions to create them.

To create an IP filter for UDP ports:

1In Server Admin, choose Firewall from the Computers & Services list.

2Click Settings.

3Select the Advanced tab.

4Click the New button.

Alternatively, you can select a rule similar to the one you want to create, and click Duplicate then Edit.

5Select whether this filter will allow or deny access in the Action pop-up menu.

6Choose UDP from the Protocol pop-up menu.

7Choose a UDP service from the pop-up menu.

If you want to select a nonstandard service port, choose Other.

8If desired, choose to log packets that match the filter.

9Enter the Source IP address range you want to filter.

If you want it to apply to any address, choose Any from the pop-up menu.

If you have selected a nonstandard service port, enter the source port number.

10Enter the Destination IP address range you want to filter.

If you want it to apply to any address, choose Any from the pop-up menu.

If you have selected a nonstandard service port, enter the source port number.

11Choose which network interface this filter applies to.

12Click OK.

13Click Save to apply the filter immediately.

Chapter 3 IP Firewall Service

53

Image 53

Apple 034-2351_Cvr manual To create an IP filter for UDP ports

Contents

For Version 10.3 or Later Mac OS X Server Network Services Administration034-2351/9-20-03 Apple Computer, Inc2003 Apple Computer, Inc. All rights reserved How to Use This Guide ContentsUsing This Guide Setting Up Mac OS X Server for the First TimeConfiguring NAT Service NAT ServiceMonitoring NAT Service VPN ServiceUsing This Guide How to Use This GuideWhat’s Included in This Guide PrefaceGetting Additional Information Setting Up Mac OS X Server for the First TimeGetting Help for Everyday Management Tasks Before You Set Up DHCP Service DHCP ServiceCreating Subnets Using Static IP AddressesAssigning IP Addresses Dynamically Locating the DHCP ServerUsing Multiple DHCP Servers on a Network Setting Up DHCP Service for the First TimeInteracting With Other DHCP Servers Assigning Reserved IP AddressesStarting and Stopping DHCP Service Managing DHCP ServiceCreating Subnets in DHCP Service Step 2 Set up logs for DHCP serviceTo change subnet settings Changing Subnet Settings in DHCP ServiceSetting the DNS Server for a DHCP Subnet Deleting Subnets From DHCP ServiceChanging IP Address Lease Times for a Subnet To delete subnets or address rangesTo set LDAP options for a subnet Setting LDAP Options for a SubnetSetting WINS Options for a Subnet To disable a subnet Monitoring DHCP ServiceDisabling Subnets Temporarily Viewing the DHCP Status OverviewTo set up the log detail level Setting the Log Detail Level for DHCP ServiceViewing DHCP Log Entries Viewing the DHCP Client ListWhere to Find More Information DNS Service Setting Up DNS Service for the First Time Before You Set Up DNS ServiceSetting Up Multiple Name Servers DNS and BINDStep 2 Learn and plan Step 6 Set up a mail exchange MX record optional Step 3 Configure basic DNS settingsStep 8 Start DNS service Step 4 Create a DNS ZoneStarting and Stopping DNS Service Managing DNS ServiceTo start or stop DNS service To enable or disable zone transferManaging Zones To enable or disable recursionAdding a Master Zone MasterTo add a slave zone Adding a Slave ZoneTo add a master zone Duplicating a Zone Adding a Forward ZoneTo add a forward zone To duplicate a zoneModifying a Zone Managing RecordsDeleting a Zone To modify a zoneTo add a record Adding a Record to a ZoneDeleting a Record From a Zone Modifying a Record in a ZoneTo modify a record To delete a recordViewing DNS Service Activity Viewing DNS Service StatusTo view DNS service status To view DNS service activityViewing DNS Usage Statistics Changing DNS Log File LocationTo change the log detail level To change the log detail levelDNS Spoofing Securing the DNS ServerServer Mining To see DNS usage statisticsDenial-of-ServiceDoS DNS Service ProfilingTo specify zone transfer IP addresses To alter BIND’s version responseallow-recursion 127.0.0.0/8 Service Piggybackingoptions Setting Up MX Records Enabling Redundant Mail Servers Configuring DNS for Mail ServiceTo enable MX records To enable backup or redundant mail servers Setting Up Namespace Behind a NAT RouterNetwork Load Distribution aka Round Robin Setting Up a Private TCP/IP NetworkWhat Is BIND? Configuring BIND Using the Command LineBIND on Mac OS X Server BIND Configuration FilePractical Example Zone Data FilesConfiguring Clients Setting Up Sample Configuration FilesTo set up the sample files Check Your Configuration Using DNS With Dynamically Assigned IP AddressesWhere to Find More Information Request For Comment DocumentsPage IP Firewall Service Chapter 3 IP Firewall Service Understanding Firewall Filters What is a Filter?IP Address Subnet MaskNumber of addresses Chapter 3 IP Firewall ServiceCIDR Corresponds to NetmaskRule Mechanism and Precedence Using Address RangesMultiple IP Addresses SampleStep 2 Start firewall service Setting Up Firewall Service for the First TimeStep 1 Learn and plan Step 4 Add filters to the IP filter listStarting and Stopping Firewall Service Managing Firewall ServiceOpening the Firewall for Standard Services Step 5 Save firewall service changesTo create an address group To open the firewall for standard servicesCreating an Address Group Duplicating an Address Group Editing or Deleting an Address GroupCreating an Advanced IP Filter for TCP ports To edit or delete an address groupTo create an IP filter for TCP ports Creating an Advanced IP Filter for UDP PortsTo create an IP filter for UDP ports To change the Default setting Changing the Default FilterEditing Advanced IP Filters To edit advanced IP filtersSetting Up Logs for Firewall Service Monitoring Firewall ServiceTo set up logs To view the log for firewall serviceViewing Packets Logged by Filter Rules Viewing Denied PacketsLog Example To view denied packetsPractical Examples Block Access to Internet UsersBlock Junk Mail To do thisTo do this Allow a Customer to Access the Apple File ServerTo do this Controlling or Enabling Peer-to-PeerNetwork Usage Preventing Denial-of-ServiceDoS AttacksTo prevent ping denial-of-serviceattacks Background Advanced ConfigurationControlling or Enabling Network Game Usage Creating IP Filter Rules Using ipfw PrecautionsCreating IP Filter Rules Reviewing IP Filter RulesChapter 3 IP Firewall Service Rule numberDeleting IP Filter Rules Port ReferenceTCP port Chapter 3 IP Firewall ServiceUsed for ReferenceTCP port Chapter 3 IP Firewall ServiceUsed for ReferenceWhere to Find More Information For more information about ipfwRequest For Comment Documents man ipfwTo start NAT service NAT ServiceStarting and Stopping NAT Service Monitoring NAT Service Configuring NAT ServiceTo configure NAT service Viewing the NAT Status OverviewFor more information about natd To view the NAT divert logWhere to Find More Information Request For Comment DocumentsPage VPN Service VPN and Security Authentication MethodTransport Protocols Point to Point Tunneling Protocol PPTPManaging VPN Service Before You Set Up VPN ServiceStarting or Stopping VPN Service Enabling and Configuring L2TP Transport ProtocolTo enable PPTP Enabling and Configuring PPTP Transport ProtocolTo enable L2TP To set routing definitions Configuring VPN Network Routing DefinitionsTo configure addition network settings Setting the Log Detail Level for VPN Service Monitoring VPN ServiceSetting the VPN Log Archive Interval To set up the log archive intervalViewing VPN Client Connections Viewing the VPN LogTo view the log To view client connectionsPage How NTP Works NTP ServiceTo set up NTP service Using NTP on Your NetworkSetting Up NTP Service To configure NTP on clients Configuring NTP on ClientsWhere to Find More Information Request For Comment DocumentsPage IPv6 Support IPv6 Addresses in the Server Admin IPv6 Enabled ServicesIPv6 Addresses NotationIPv6 Address Types IPv6 Reserved AddressesIPv6 Addressing Model Request For Comment Documents Where to Find More InformationGlossary GlossaryGlossary LDAP Lightweight Directory Access Protocol A standard client-serverprotocol for accessing a directory domain name server See DNS Domain Name System search path See search policy UCE unsolicited commercial email See spam Page Page Index IndexIndex Index