Manuals / Apple / Kitchen Appliance / Frozen Dessert Maker

Apple 034-2351_Cvr manual Practical Examples, Block Access to Internet Users, Block Junk Mail

Models: 034-2351_Cvr

1 97

Download 97 pages 56.32 Kb

Page 57

Practical Examples

The IP filters you create work together to provide security for your network. The examples that follow show how to use filters to achieve some specific goals.

Block Access to Internet Users

This section shows you, as an example, how to allow users on your subnet access to your server’s Web service, but deny access to the general public on the Internet:

To do this:

1In Server Admin, choose Firewall from the Computers & Services list.

2Click Settings.

3Select the General tab.

4Select the Any address group.

5Make sure that Web Service is disabled in the right pane.

6Click the Add button to create an address range.

7Name the address group.

8Add the local network address range.

This is done by using an example address from the network with its network mask in CIDR notation. For example, if a user has an address of 192.168.1.20 and the network mask is 255.255.255.0, then enter 192.168.1.20/24.

9Click OK.

10Select your newly created address group.

11Select “Web Service” in the right pane to enable web access.

12Click Save.

Block Junk Mail

This section shows you, as an example, how to reject email from a junk mail sender with an IP address of 17.128.100.0 and accept all other Internet email:

Chapter 3 IP Firewall Service

57

Image 57

Apple 034-2351_Cvr manual Practical Examples, Block Access to Internet Users, Block Junk Mail, To do this

Contents

For Version 10.3 or Later Mac OS X Server Network Services AdministrationApple Computer, Inc 2003 Apple Computer, Inc. All rights reserved034-2351/9-20-03 How to Use This Guide ContentsUsing This Guide Setting Up Mac OS X Server for the First TimeConfiguring NAT Service NAT ServiceMonitoring NAT Service VPN ServiceUsing This Guide How to Use This GuideWhat’s Included in This Guide PrefaceSetting Up Mac OS X Server for the First Time Getting Help for Everyday Management TasksGetting Additional Information Before You Set Up DHCP Service DHCP ServiceCreating Subnets Using Static IP AddressesAssigning IP Addresses Dynamically Locating the DHCP ServerUsing Multiple DHCP Servers on a Network Setting Up DHCP Service for the First TimeInteracting With Other DHCP Servers Assigning Reserved IP AddressesStarting and Stopping DHCP Service Managing DHCP ServiceCreating Subnets in DHCP Service Step 2 Set up logs for DHCP serviceTo change subnet settings Changing Subnet Settings in DHCP ServiceSetting the DNS Server for a DHCP Subnet Deleting Subnets From DHCP ServiceChanging IP Address Lease Times for a Subnet To delete subnets or address rangesSetting LDAP Options for a Subnet Setting WINS Options for a SubnetTo set LDAP options for a subnet To disable a subnet Monitoring DHCP ServiceDisabling Subnets Temporarily Viewing the DHCP Status OverviewTo set up the log detail level Setting the Log Detail Level for DHCP ServiceViewing DHCP Log Entries Viewing the DHCP Client ListWhere to Find More Information DNS Service Setting Up DNS Service for the First Time Before You Set Up DNS ServiceSetting Up Multiple Name Servers DNS and BINDStep 2 Learn and plan Step 6 Set up a mail exchange MX record optional Step 3 Configure basic DNS settingsStep 8 Start DNS service Step 4 Create a DNS ZoneStarting and Stopping DNS Service Managing DNS ServiceTo start or stop DNS service To enable or disable zone transferManaging Zones To enable or disable recursionAdding a Master Zone MasterAdding a Slave Zone To add a master zoneTo add a slave zone Duplicating a Zone Adding a Forward ZoneTo add a forward zone To duplicate a zoneModifying a Zone Managing RecordsDeleting a Zone To modify a zoneTo add a record Adding a Record to a ZoneDeleting a Record From a Zone Modifying a Record in a ZoneTo modify a record To delete a recordViewing DNS Service Activity Viewing DNS Service StatusTo view DNS service status To view DNS service activityViewing DNS Usage Statistics Changing DNS Log File LocationTo change the log detail level To change the log detail levelDNS Spoofing Securing the DNS ServerServer Mining To see DNS usage statisticsDenial-of-ServiceDoS DNS Service ProfilingTo specify zone transfer IP addresses To alter BIND’s version responseService Piggybacking optionsallow-recursion 127.0.0.0/8 Setting Up MX Records Configuring DNS for Mail Service To enable MX recordsEnabling Redundant Mail Servers To enable backup or redundant mail servers Setting Up Namespace Behind a NAT RouterNetwork Load Distribution aka Round Robin Setting Up a Private TCP/IP NetworkWhat Is BIND? Configuring BIND Using the Command LineBIND on Mac OS X Server BIND Configuration FilePractical Example Zone Data FilesSetting Up Sample Configuration Files To set up the sample filesConfiguring Clients Check Your Configuration Using DNS With Dynamically Assigned IP AddressesWhere to Find More Information Request For Comment DocumentsPage IP Firewall Service Chapter 3 IP Firewall Service Understanding Firewall Filters What is a Filter?IP Address Subnet MaskNumber of addresses Chapter 3 IP Firewall ServiceCIDR Corresponds to NetmaskRule Mechanism and Precedence Using Address RangesMultiple IP Addresses SampleStep 2 Start firewall service Setting Up Firewall Service for the First TimeStep 1 Learn and plan Step 4 Add filters to the IP filter listStarting and Stopping Firewall Service Managing Firewall ServiceOpening the Firewall for Standard Services Step 5 Save firewall service changesTo open the firewall for standard services Creating an Address GroupTo create an address group Duplicating an Address Group Editing or Deleting an Address GroupCreating an Advanced IP Filter for TCP ports To edit or delete an address groupTo create an IP filter for TCP ports Creating an Advanced IP Filter for UDP PortsTo create an IP filter for UDP ports To change the Default setting Changing the Default FilterEditing Advanced IP Filters To edit advanced IP filtersSetting Up Logs for Firewall Service Monitoring Firewall ServiceTo set up logs To view the log for firewall serviceViewing Packets Logged by Filter Rules Viewing Denied PacketsLog Example To view denied packetsPractical Examples Block Access to Internet UsersBlock Junk Mail To do thisAllow a Customer to Access the Apple File Server To do thisTo do this Preventing Denial-of-ServiceDoS Attacks To prevent ping denial-of-serviceattacksControlling or Enabling Peer-to-PeerNetwork Usage Advanced Configuration Controlling or Enabling Network Game UsageBackground Creating IP Filter Rules Using ipfw PrecautionsCreating IP Filter Rules Reviewing IP Filter RulesChapter 3 IP Firewall Service Rule numberDeleting IP Filter Rules Port ReferenceTCP port Chapter 3 IP Firewall ServiceUsed for ReferenceTCP port Chapter 3 IP Firewall ServiceUsed for ReferenceWhere to Find More Information For more information about ipfwRequest For Comment Documents man ipfwNAT Service Starting and Stopping NAT ServiceTo start NAT service Monitoring NAT Service Configuring NAT ServiceTo configure NAT service Viewing the NAT Status OverviewFor more information about natd To view the NAT divert logWhere to Find More Information Request For Comment DocumentsPage VPN Service VPN and Security Authentication MethodTransport Protocols Point to Point Tunneling Protocol PPTPManaging VPN Service Before You Set Up VPN ServiceStarting or Stopping VPN Service Enabling and Configuring L2TP Transport ProtocolEnabling and Configuring PPTP Transport Protocol To enable L2TPTo enable PPTP Configuring VPN Network Routing Definitions To configure addition network settingsTo set routing definitions Setting the Log Detail Level for VPN Service Monitoring VPN ServiceSetting the VPN Log Archive Interval To set up the log archive intervalViewing VPN Client Connections Viewing the VPN LogTo view the log To view client connectionsPage How NTP Works NTP ServiceUsing NTP on Your Network Setting Up NTP ServiceTo set up NTP service To configure NTP on clients Configuring NTP on ClientsWhere to Find More Information Request For Comment DocumentsPage IPv6 Support IPv6 Addresses in the Server Admin IPv6 Enabled ServicesIPv6 Addresses NotationIPv6 Reserved Addresses IPv6 Addressing ModelIPv6 Address Types Request For Comment Documents Where to Find More InformationGlossary GlossaryGlossary LDAP Lightweight Directory Access Protocol A standard client-serverprotocol for accessing a directory domain name server See DNS Domain Name System search path See search policy UCE unsolicited commercial email See spam Page Page Index IndexIndex Index