Changing Firewall Service Settings

To change a setting:

$ sudo serveradmin settings ipfilter:setting = value

Parameter

Description

setting

An ipfilter service setting.

 

See “Firewall Service Settings” on page 229.

 

 

value

An appropriate value for the setting.

 

 

To change several settings:

$ sudo serveradmin settings ipfilter:setting = value ipfilter:setting = value ipfilter:setting = value

[...]

Control-D

Firewall Service Settings

Use the following parameters with the serveradmin tool to change settings for the

ipfilter service.

Parameter (ipfilter:)

Description

ipAddressGroupsWithRules:

An array of settings describing the services allowed for

_array_id:<group>...

specific IP address groups. See “ipfilter Groups with Rules

 

Array” on page 230.

 

 

rules:_array_id:<rule>:...

Arrays of rule settings, one array per defined rule. See

 

“ipfilter Rules Array” on page 233.

 

 

logAllDenied

Specifies whether to log all denials.

 

Default = no

 

 

ipAddressGroups:_array_id:

The address of a defined IP address group, the first

n:address

element of an array that defines an IP address group.

 

 

ipAddressGroups:_array_id:

The name of a defined IP address group, the second

n:name

element of an array that defines an IP address group.

 

 

logAllAllowed

Whether to log access allowed by rules.

 

Default = no

 

 

Chapter 14 Working with Network Services

229

Page 229
Image 229
Apple Mac OS X Server manual Changing Firewall Service Settings, Parameter ipfilter Description