Manuals / Brands / Computer Equipment / Server / Apple / Computer Equipment / Server

Apple oxs IPFilter Rules Array, Firewall serveradmin Commands

1 175

Download 175 pages, 1.65 Mb

Chapter 13 Working With Network Services 141

IPFilter Rules Array

An array of the following settings is included in the IPFilter settings for each defined

firewall rule. In an actual list of settings, <rule> is replaced with a rule number. You can

add a rule by using serveradmin to create such an array in the firewall settings (see

“Adding Rules Using serveradmin” on page 140).

Firewall serveradmin Commands

You can use the following commands with the serveradmin application to manage

Firewall (ipfilter) service.

Parameter (ipfilter:) Description

rules:_array_id:<rule>:

source The source of traffic governed by the rule.

rules:_array_id:<rule>:

protocol The protocol for traffic governed by the rule.

rules:_array_id:<rule>:

destination The destination of traffic governed by the rule.

rules:_array_id:<rule>:

action The action to be taken.

rules:_array_id:<rule>:

enabled Whether the rule is enabled.

rules:_array_id:<rule>:

log Whether activation of the rule is logged.

rules:_array_id:<rule>:

readOnly Whether read-only is set.

rules:_array_id:<rule>:

source-port The source port of traffic governed by the rule.

Command

(ipfilter:command=)Description

getLogPaths Find the current location of the log used by the service.

Default = /var/log/system.log

getStandardServices Retrieve a list of the standard services as they appear on the

General pane of the Firewall service settings in the Server Admin

GUI application.

writeSettings Equivalent to the standard serveradmin settings command,

but also returns a setting indicating whether the service needs to

be restarted. See “Determining Whether a Service Needs to be

Restarted” on page 19.

LL2354.book Page 141 Monday, October 20, 2003 9:47 AM

Contents

Main Contents Page Page Page Page Page Page Page About This Book Notation Conventions Summary Commands and Other Terminal Text Command Parameters and Options Default Settings Commands Requiring Root Privileges Using Terminal Correcting Typing Errors Repeating Commands Including Paths Using Drag-and-Drop Commands Requiring Root Privileges Sending Commands to a Remote Server Sending a Single Command Updating SSH Key Fingerprints Notes on Communication Security and servermgrd Using Telnet Getting Online Help for Commands Notes About Specific Commands and Tools serversetup serveradmin Page Finishing Basic Setup Automating Server Setup Creating a Configuration File Template Creating Customized Configuration Files from the Template File Chapter 2 Installing Server Software and Finishing Basic Setup 23 24 Chapter 2 Installing Server Software and Finishing Basic Setup Naming Configuration Files Storing a Configuration File in an Accessible Location Changing Server Settings Viewing, Validating, and Setting the Software Serial Number Updating Server Software Moving a Server Page Server Commands you can use to shut down or restart a local or remote server. Restarting a Server Examples Automatic Restart Changing a Remote Servers Startup Disk Shutting Down a Server Examples Preferences Viewing or Changing the Computer Name Date and Time Viewing or Changing the System Date Viewing or Changing the System Time Viewing or Changing the System Time Zone Viewing or Changing Network Time Server Usage Energy Saver Settings Viewing or Changing Sleep Settings Viewing or Changing Automatic Restart Settings Power Management Settings Startup Disk Settings Viewing or Changing the Startup Disk Sharing Settings Viewing or Changing Remote Login Settings Viewing or Changing Apple Event Response International Settings Viewing or Changing Language Settings Login Settings Disabling the Restart and Shutdown Buttons Commands you can use to change a servers network settings. Network Interface Information Viewing Port Names and Hardware Addresses Viewing or Changing MTU Values Viewing or Changing Media Settings Network Port Configurations Creating or Deleting Port Configurations Activating Port Configurations Changing Configuration Precedence TCP/IP Settings Changing a Servers IP Address Viewing or Changing IP Address, Subnet Mask, or Router Address Viewing or Changing DNS Servers Enabling TCP/IP AppleTalk Settings Enabling and Disabling AppleTalk Proxy Settings Viewing or Changing FTP Proxy Settings Viewing or Changing Web Proxy Settings Viewing or Changing Secure Web Proxy Settings Viewing or Changing Streaming Proxy Settings Viewing or Changing Gopher Proxy Settings Viewing or Changing SOCKS Firewall Proxy Settings AirPort Settings Viewing or Changing Airport Settings Computer, Host, and Rendezvous Name Viewing or Changing the Computer Name Viewing or Changing the Local Host Name Viewing or Changing the Rendezvous Name Page Commands you can use to prepare, use, and test disks and volumes. Mounting and Unmounting Volumes Mounting Volumes Unmounting Volumes Checking for Disk Problems Monitoring Disk Space Reclaiming Disk Space Using Log Rolling Scripts Managing Disk Journaling Checking to See if Journaling is Enabled Turning on Journaling for an Existing Volume Enabling Journaling When You Erase a Disk Disabling Journaling Erasing, Partitioning, and Formatting Disks Setting Up a Case-Sensitive HFS+ File System Imaging and Cloning Volumes Using ASR Page Importing Users and Groups Creating a Character-Delimited User Import File Page An example user account looks like this: Here is an example of a record encoded using the description: User Attributes The following table lists standard XML data structures for attributes in user records. Page Page Page Page Checking a Server Users Name, UID, or Password Creating a Users Home Directory Mounting a Users Home Directory Creating a Group Folder Checking a Users Administrator Privileges Page 65 You can use the sharing tool to list, create, and modify share points. Listing Share Points To list existing share points: Creating a Share Point To create a share point: Examples Modifying a Share Point Disabling a Share Point AFP Service Starting and Stopping AFP Service Checking AFP Service Status Viewing AFP Settings Changing AFP Settings List of AFP Settings Page Page Page List of AFP serveradmin Commands Listing Connected Users The following array of settings is displayed for each connected user: Sending a Message to AFP Users Disconnecting AFP Users Canceling a User Disconnect You can use the serveradmin cancelDisconnect command to cancel a scheduled to be disconnected. To cancel a disconnect: Listing AFP Service Statistics Viewing AFP Log Files NFS Service Starting and Stopping NFS Service Checking NFS Service Status Viewing NFS Settings Changing NFS Service Settings FTP Service Starting FTP Service Stopping FTP Service Checking FTP Service Status Viewing FTP Settings Changing FTP Settings You can change FTP service settings using the serveradmin application. FTP Settings Use the following parameters with the serveradmin command to change settings for the FTP service. List of FTP serveradmin Commands You can use the following commands with the serveradmin application to manage FTP service. Viewing the FTP Transfer Log Checking for Connected FTP Users Windows (SMB) Service Starting and Stopping SMB Service Checking SMB Service Status Viewing SMB Settings Changing SMB Settings List of SMB Service Settings Use the following parameters with the serveradmin command to change settings for the SMB service. Page List of SMB serveradmin Commands You can use these commands with the serveradmin tool to manage SMB service. Listing SMB Users The following array of settings is displayed for each connected user: Disconnecting SMB Users Listing SMB Service Statistics Updating Share Point Information Viewing SMB Service Logs Page Checking the Status of Print Service Viewing Print Service Settings Changing Print Service Settings Print Service Settings Queue Data Array 92 Chapter 9 Working With Print Service Here is an example of a queue array parameter block: Print Service serveradmin Commands You can use the following commands with the serveradmin application to manage Print service. Listing Queues You can use the serveradmin getQueues command to list Print service queues. Pausing a Queue Listing Jobs and Job Information Holding a Job Viewing Print Service Log Files Page Page Changing NetBoot Settings You can change NetBoot service settings using the serveradmin command. NetBoot Service Settings General Settings Storage Record Array A volume parameter array: Filters Record Array Image Record Array Port Record Array Page Page Changing Mail Service Settings Mail Service Settings Page Page Page Page Page Page Page Page Page Page Page Mail serveradmin Commands You can use the following commands with the serveradmin application to manage Mail service. Listing Mail Service Statistics Viewing the Mail Service Logs Setting Up SSL for Mail Service Generating a CSR and Creating a Keychain Page Obtaining an SSL Certificate Importing an SSL Certificate Into the Keychain Creating a Passphrase File Setting Up SSL for Mail Service on a Headless Server Page Changing Web Settings serveradmin and Apache Settings Changing Settings Using serveradmin Web serveradmin Commands Listing Hosted Sites Viewing Service Logs Viewing Service Statistics Example Script for Adding a Website Page Starting and Stopping DHCP Service Checking the Status of DHCP Service Viewing DHCP Service Settings Changing DHCP Service Settings DHCP Service Settings Use the following parameters with the serveradmin command to change settings for the dhcp service. DHCP Subnet Settings Array Page Adding a DHCP Subnet List of DHCP serveradmin Commands Viewing the DHCP Service Log DNS Service Starting and Stopping the DNS Service Checking the Status of DNS Service Viewing DNS Service Settings Changing DNS Service Settings Firewall Service Starting and Stopping Firewall Service Checking the Status of Firewall Service Viewing Firewall Service Settings Changing Firewall Service Settings Firewall Service Settings Defining Firewall Rules Chapter 13 Working With Network Services 139 The unmodified ipfw.conf file: For more information, read the ipfw man page. Page IPFilter Rules Array Firewall serveradmin Commands Viewing Firewall Service Log Using Firewall Service to Simulate Network Activity NAT Service Starting and Stopping NAT Service Checking the Status of NAT Service Viewing NAT Service Settings Changing NAT Service Settings NAT Service Settings Use the following parameters with the serveradmin command to change settings for NAT service. NAT serveradmin Commands Viewing the NAT Service Log VPN Service Starting and Stopping VPN Service Checking the Status of VPN Service Viewing VPN Service Settings Changing VPN Service Settings List of VPN Service Settings Use the following parameters with the serveradmin command to change settings for VPN service. Page Page List of VPN serveradmin Commands Viewing the VPN Service Log IP Failover Requirements Failover Operation Enabling IP Failover Configuring IP Failover Enabling PPP Dial-In Page Commands you can use to manage the Open Directory service in Mac OS X Server. General Directory Tools Testing Your Open Directory Configuration Modifying an Open Directory Node Testing Open Directory Plugins Registering URLs With Service Location Protocol (SLP) Changing Open Directory Service Settings LDAP Configuring LDAP A Note on Using ldapsearch Idle Rebinding Options Additional Information About LDAP NetInfo Configuring NetInfo Password Server Working With the Password Server Viewing or Changing Password Policies Kerberos and Single Sign On Streaming Server Viewing QTSS Settings Changing QTSS Settings QTSS Settings Page Page QTSS serveradmin Commands You can use the following commands with the serveradmin application to manage QTSS service. Listing Current Connections Viewing QTSS Service Statistics Viewing Service Logs Forcing QTSS to Re-Read its Preferences Preparing Older Home Directories for User Streaming Page Index Index A B C D F G H I J O P Q R S T U V W