Manuals / Brands / Computer Equipment / Server / Apple / Computer Equipment / Server

Apple oxs Checking the Status of Firewall Service, Viewing Firewall Service Settings, Changing Firewall Service Settings, Firewall Service Settings

1 175

Download 175 pages, 1.65 Mb

Chapter 13 Working With Network Services 137

Checking the Status of Firewall Service

To see summary status of Firewall service:

$ sudo serveradmin status ipfilter

To see detailed status of Firewall service, including rules:

$ sudo serveradmin fullstatus ipfilter

Viewing Firewall Service Settings

To list Firewall service configuration settings:

$ sudo serveradmin settings ipfilter

To list a particular setting:

$ sudo serveradmin settings ipfilter:setting

To list a group of settings:

Type only as much of the name as you want, stopping at a colon (:), then type an

asterisk (*) as a wildcard for the remaining parts of the name. For example,

$ sudo serveradmin settings ipfilter:ipAddressGroups:*

Changing Firewall Service Settings

To change a setting:

$ sudo serveradmin settings ipfilter:setting = value

To change several settings:

$ sudo serveradmin settings

ipfilter:setting = value

ipfilter:setting = value

ipfilter:setting = value

[...]

Control-D

Firewall Service Settings

Use the following parameters with the serveradmin command to change settings for

the IPFilter service.

Parameter Description

setting A IPFilter service setting. See “Firewall Service Settings” on

this page.

value An appropriate value for the setting.

Parameter (ipfilter:) Description

ipAddressGroupsWithRules:

_array_id:<group>... An array of settings describing the services allowed for

specific IP address groups. See “IPFilter Groups With Rules

Array” on page 138.

rules:_array_id:<rule>:... Arrays of rule settings, one array per defined rule. See

“IPFilter Rules Array” on page 141.

LL2354.book Page 137 Monday, October 20, 2003 9:47 AM

Contents

Main Contents Page Page Page Page Page Page Page About This Book Notation Conventions Summary Commands and Other Terminal Text Command Parameters and Options Default Settings Commands Requiring Root Privileges Using Terminal Correcting Typing Errors Repeating Commands Including Paths Using Drag-and-Drop Commands Requiring Root Privileges Sending Commands to a Remote Server Sending a Single Command Updating SSH Key Fingerprints Notes on Communication Security and servermgrd Using Telnet Getting Online Help for Commands Notes About Specific Commands and Tools serversetup serveradmin Page Finishing Basic Setup Automating Server Setup Creating a Configuration File Template Creating Customized Configuration Files from the Template File Chapter 2 Installing Server Software and Finishing Basic Setup 23 24 Chapter 2 Installing Server Software and Finishing Basic Setup Naming Configuration Files Storing a Configuration File in an Accessible Location Changing Server Settings Viewing, Validating, and Setting the Software Serial Number Updating Server Software Moving a Server Page Server Commands you can use to shut down or restart a local or remote server. Restarting a Server Examples Automatic Restart Changing a Remote Servers Startup Disk Shutting Down a Server Examples Preferences Viewing or Changing the Computer Name Date and Time Viewing or Changing the System Date Viewing or Changing the System Time Viewing or Changing the System Time Zone Viewing or Changing Network Time Server Usage Energy Saver Settings Viewing or Changing Sleep Settings Viewing or Changing Automatic Restart Settings Power Management Settings Startup Disk Settings Viewing or Changing the Startup Disk Sharing Settings Viewing or Changing Remote Login Settings Viewing or Changing Apple Event Response International Settings Viewing or Changing Language Settings Login Settings Disabling the Restart and Shutdown Buttons Commands you can use to change a servers network settings. Network Interface Information Viewing Port Names and Hardware Addresses Viewing or Changing MTU Values Viewing or Changing Media Settings Network Port Configurations Creating or Deleting Port Configurations Activating Port Configurations Changing Configuration Precedence TCP/IP Settings Changing a Servers IP Address Viewing or Changing IP Address, Subnet Mask, or Router Address Viewing or Changing DNS Servers Enabling TCP/IP AppleTalk Settings Enabling and Disabling AppleTalk Proxy Settings Viewing or Changing FTP Proxy Settings Viewing or Changing Web Proxy Settings Viewing or Changing Secure Web Proxy Settings Viewing or Changing Streaming Proxy Settings Viewing or Changing Gopher Proxy Settings Viewing or Changing SOCKS Firewall Proxy Settings AirPort Settings Viewing or Changing Airport Settings Computer, Host, and Rendezvous Name Viewing or Changing the Computer Name Viewing or Changing the Local Host Name Viewing or Changing the Rendezvous Name Page Commands you can use to prepare, use, and test disks and volumes. Mounting and Unmounting Volumes Mounting Volumes Unmounting Volumes Checking for Disk Problems Monitoring Disk Space Reclaiming Disk Space Using Log Rolling Scripts Managing Disk Journaling Checking to See if Journaling is Enabled Turning on Journaling for an Existing Volume Enabling Journaling When You Erase a Disk Disabling Journaling Erasing, Partitioning, and Formatting Disks Setting Up a Case-Sensitive HFS+ File System Imaging and Cloning Volumes Using ASR Page Importing Users and Groups Creating a Character-Delimited User Import File Page An example user account looks like this: Here is an example of a record encoded using the description: User Attributes The following table lists standard XML data structures for attributes in user records. Page Page Page Page Checking a Server Users Name, UID, or Password Creating a Users Home Directory Mounting a Users Home Directory Creating a Group Folder Checking a Users Administrator Privileges Page 65 You can use the sharing tool to list, create, and modify share points. Listing Share Points To list existing share points: Creating a Share Point To create a share point: Examples Modifying a Share Point Disabling a Share Point AFP Service Starting and Stopping AFP Service Checking AFP Service Status Viewing AFP Settings Changing AFP Settings List of AFP Settings Page Page Page List of AFP serveradmin Commands Listing Connected Users The following array of settings is displayed for each connected user: Sending a Message to AFP Users Disconnecting AFP Users Canceling a User Disconnect You can use the serveradmin cancelDisconnect command to cancel a scheduled to be disconnected. To cancel a disconnect: Listing AFP Service Statistics Viewing AFP Log Files NFS Service Starting and Stopping NFS Service Checking NFS Service Status Viewing NFS Settings Changing NFS Service Settings FTP Service Starting FTP Service Stopping FTP Service Checking FTP Service Status Viewing FTP Settings Changing FTP Settings You can change FTP service settings using the serveradmin application. FTP Settings Use the following parameters with the serveradmin command to change settings for the FTP service. List of FTP serveradmin Commands You can use the following commands with the serveradmin application to manage FTP service. Viewing the FTP Transfer Log Checking for Connected FTP Users Windows (SMB) Service Starting and Stopping SMB Service Checking SMB Service Status Viewing SMB Settings Changing SMB Settings List of SMB Service Settings Use the following parameters with the serveradmin command to change settings for the SMB service. Page List of SMB serveradmin Commands You can use these commands with the serveradmin tool to manage SMB service. Listing SMB Users The following array of settings is displayed for each connected user: Disconnecting SMB Users Listing SMB Service Statistics Updating Share Point Information Viewing SMB Service Logs Page Checking the Status of Print Service Viewing Print Service Settings Changing Print Service Settings Print Service Settings Queue Data Array 92 Chapter 9 Working With Print Service Here is an example of a queue array parameter block: Print Service serveradmin Commands You can use the following commands with the serveradmin application to manage Print service. Listing Queues You can use the serveradmin getQueues command to list Print service queues. Pausing a Queue Listing Jobs and Job Information Holding a Job Viewing Print Service Log Files Page Page Changing NetBoot Settings You can change NetBoot service settings using the serveradmin command. NetBoot Service Settings General Settings Storage Record Array A volume parameter array: Filters Record Array Image Record Array Port Record Array Page Page Changing Mail Service Settings Mail Service Settings Page Page Page Page Page Page Page Page Page Page Page Mail serveradmin Commands You can use the following commands with the serveradmin application to manage Mail service. Listing Mail Service Statistics Viewing the Mail Service Logs Setting Up SSL for Mail Service Generating a CSR and Creating a Keychain Page Obtaining an SSL Certificate Importing an SSL Certificate Into the Keychain Creating a Passphrase File Setting Up SSL for Mail Service on a Headless Server Page Changing Web Settings serveradmin and Apache Settings Changing Settings Using serveradmin Web serveradmin Commands Listing Hosted Sites Viewing Service Logs Viewing Service Statistics Example Script for Adding a Website Page Starting and Stopping DHCP Service Checking the Status of DHCP Service Viewing DHCP Service Settings Changing DHCP Service Settings DHCP Service Settings Use the following parameters with the serveradmin command to change settings for the dhcp service. DHCP Subnet Settings Array Page Adding a DHCP Subnet List of DHCP serveradmin Commands Viewing the DHCP Service Log DNS Service Starting and Stopping the DNS Service Checking the Status of DNS Service Viewing DNS Service Settings Changing DNS Service Settings Firewall Service Starting and Stopping Firewall Service Checking the Status of Firewall Service Viewing Firewall Service Settings Changing Firewall Service Settings Firewall Service Settings Defining Firewall Rules Chapter 13 Working With Network Services 139 The unmodified ipfw.conf file: For more information, read the ipfw man page. Page IPFilter Rules Array Firewall serveradmin Commands Viewing Firewall Service Log Using Firewall Service to Simulate Network Activity NAT Service Starting and Stopping NAT Service Checking the Status of NAT Service Viewing NAT Service Settings Changing NAT Service Settings NAT Service Settings Use the following parameters with the serveradmin command to change settings for NAT service. NAT serveradmin Commands Viewing the NAT Service Log VPN Service Starting and Stopping VPN Service Checking the Status of VPN Service Viewing VPN Service Settings Changing VPN Service Settings List of VPN Service Settings Use the following parameters with the serveradmin command to change settings for VPN service. Page Page List of VPN serveradmin Commands Viewing the VPN Service Log IP Failover Requirements Failover Operation Enabling IP Failover Configuring IP Failover Enabling PPP Dial-In Page Commands you can use to manage the Open Directory service in Mac OS X Server. General Directory Tools Testing Your Open Directory Configuration Modifying an Open Directory Node Testing Open Directory Plugins Registering URLs With Service Location Protocol (SLP) Changing Open Directory Service Settings LDAP Configuring LDAP A Note on Using ldapsearch Idle Rebinding Options Additional Information About LDAP NetInfo Configuring NetInfo Password Server Working With the Password Server Viewing or Changing Password Policies Kerberos and Single Sign On Streaming Server Viewing QTSS Settings Changing QTSS Settings QTSS Settings Page Page QTSS serveradmin Commands You can use the following commands with the serveradmin application to manage QTSS service. Listing Current Connections Viewing QTSS Service Statistics Viewing Service Logs Forcing QTSS to Re-Read its Preferences Preparing Older Home Directories for User Streaming Page Index Index A B C D F G H I J O P Q R S T U V W