Ir para a página of
Manuais similares
-
Carrying Case
Apple None
8 páginas 0.22 mb -
Network Cables
Apple HD 4870
7 páginas 1.75 mb -
Personal Computer
Apple MC561LL/A
136 páginas 10.77 mb -
Smartwatch
Apple Watch
102 páginas 4.85 mb -
Laptop
Apple G4 17-inch
112 páginas 2.55 mb -
Laptop
Apple 3400 Series
207 páginas 3.28 mb -
MP3 Player
Apple MD477LL/A
68 páginas 13.01 mb -
Computer Accessories
Apple Component AV Cable
16 páginas 1.05 mb
Bom manual de uso
As regras impõem ao revendedor a obrigação de fornecer ao comprador o manual com o produto Apple 034-2351_Cvr. A falta de manual ou informações incorretas fornecidas ao consumidor são a base de uma queixa por não conformidade do produto com o contrato. De acordo com a lei, pode anexar o manual em uma outra forma de que em papel, o que é frequentemente utilizado, anexando uma forma gráfica ou manual electrónicoApple 034-2351_Cvr vídeos instrutivos para os usuários. A condição é uma forma legível e compreensível.
O que é a instrução?
A palavra vem do latim "Instructio" ou instruir. Portanto, no manual Apple 034-2351_Cvr você pode encontrar uma descrição das fases do processo. O objetivo do manual é instruir, facilitar o arranque, a utilização do equipamento ou a execução de determinadas tarefas. O manual é uma coleção de informações sobre o objeto / serviço, um guia.
Infelizmente, pequenos usuários tomam o tempo para ler o manual Apple 034-2351_Cvr, e um bom manual não só permite conhecer uma série de funcionalidades adicionais do dispositivo, mas evita a formação da maioria das falhas.
Então, o que deve conter o manual perfeito?
Primeiro, o manual Apple 034-2351_Cvr deve conte:
- dados técnicos do dispositivo Apple 034-2351_Cvr
- nome do fabricante e ano de fabricação do dispositivo Apple 034-2351_Cvr
- instruções de utilização, regulação e manutenção do dispositivo Apple 034-2351_Cvr
- sinais de segurança e certificados que comprovam a conformidade com as normas pertinentes
Por que você não ler manuais?
Normalmente, isso é devido à falta de tempo e à certeza quanto à funcionalidade específica do dispositivo adquirido. Infelizmente, a mesma ligação e o arranque Apple 034-2351_Cvr não são suficientes. O manual contém uma série de orientações sobre funcionalidades específicas, a segurança, os métodos de manutenção (mesmo sobre produtos que devem ser usados), possíveis defeitos Apple 034-2351_Cvr e formas de resolver problemas comuns durante o uso. No final, no manual podemos encontrar as coordenadas do serviço Apple na ausência da eficácia das soluções propostas. Atualmente, muito apreciados são manuais na forma de animações interessantes e vídeos de instrução que de uma forma melhor do que o o folheto falam ao usuário. Este tipo de manual é a chance que o usuário percorrer todo o vídeo instrutivo, sem ignorar especificações e descrições técnicas complicadas Apple 034-2351_Cvr, como para a versão papel.
Por que ler manuais?
Primeiro de tudo, contem a resposta sobre a construção, as possibilidades do dispositivo Apple 034-2351_Cvr, uso dos acessórios individuais e uma gama de informações para desfrutar plenamente todos os recursos e facilidades.
Após a compra bem sucedida de um equipamento / dispositivo, é bom ter um momento para se familiarizar com cada parte do manual Apple 034-2351_Cvr. Atualmente, são cuidadosamente preparados e traduzidos para sejam não só compreensíveis para os usuários, mas para cumprir a sua função básica de informação
Índice do manual
-
Página 1
Mac OS X Ser v er Network Ser vic e s Administr ation For Version 10.3 or Later 034-2351_Cvr 9/12/03 10:26 AM Page 1[...]
-
Página 2
Apple Computer , Inc. © 2003 Apple C omputer , Inc. All rights reser ved. The owner or authoriz ed user of a valid copy of Mac OS X Server software may reproduce this publication for the purpose of learning to use such software. No par t of this publication may be reproduc ed or transmitted for commercial purposes , such as selling copies of t[...]
-
Página 3
3 1 C on ten ts Prefac e 5 How to U se This Guide 5 What’ s Included in T his Guide 5 Using This Guide 6 Setting Up Mac OS X Ser ver for the First Time 6 Getting Help for Everyday Management T asks 6 Getting Additional Information Chapter 1 7 DHCP Service 7 Before Y ou Set Up DHCP Ser vice 9 Setting Up DHCP Ser vice for the First Time 10 Managing[...]
-
Página 4
4 Contents 63 P ort Reference 66 Where to F ind More Inf ormation Chapter 4 6 7 NA T Ser vice 67 Star ting and Stopping NA T S er vice 68 Configuring NA T Ser vice 68 Monitoring NA T S er vice 69 Where to F ind More Inf ormation Chapter 5 7 1 VPN Service 72 VPN and Security 73 Before Y ou Set Up VPN Ser vice 73 Managing VPN Ser vice 76 Monitoring V[...]
-
Página 5
5 Prefac e How t o U se This Guide What ’ s Included in This Guide This guide consists primarily of chapters that tell y ou how to administer v arious Mac OS X Ser ver network services: • DHCP • DNS • IP Fir ewall • NA T • VPN • NTP • IPv6 Support Using This Guide Each chapter covers a s pecific network service. Read any chapter tha[...]
-
Página 6
6 Preface How to Use This Guide Setting Up Mac OS X Server for the F irst Time If you haven ’t installed and set up M ac OS X Ser ver, do so now . • Refer to Mac OS X Ser ver Getting Started for V ersion 1 0.3 or Later, the document that came with your sof tware, for instructions on ser ver installation and setup. For many environmen ts, this d[...]
-
Página 7
1 7 1 DHCP Ser vice D ynamic Host Configuration P rotocol (DHCP) service lets you administer and distribute IP addresses to client computers from your ser ver . When you configure the DHCP ser ver , you assign a block of IP addresses that can be made available to clients. Each time a client computer configured t o use DHCP star ts up , it looks for[...]
-
Página 8
8 Chapter 1 DHCP Service Creating Subnets Subnets are groupings of computers on the same netw ork that simplify administration. Y ou can organize subnets an y way that is useful to y ou. For example , you can create subnets for different groups within your organization or for different floors of a building. Once you have grouped client computers in[...]
-
Página 9
Chapter 1 DHCP Service 9 Inter acting With Other DHCP S er vers Y ou may already ha ve other DHCP servers on your network, such as AirPort Base Stations. Mac OS X S er ver can coexist with other DHCP servers as long as each DHCP ser ver uses a unique pool of IP addresses. However , you may want your DHCP ser ver to provide an LDAP server address fo[...]
-
Página 10
10 Chapter 1 DHCP Service Step 2: Set up logs for DHCP ser vice Y ou can log DHCP activit y and errors to help you monitor r equests and identify problems with your ser ver . DHCP ser vice records diagnostic messages in the system log file. T o keep this file from growing too large , you can suppress most messages by changing your log settings in t[...]
-
Página 11
Chapter 1 DHCP Service 11 7 Enter a starting and ending IP address for this subnet range. Addresse s must be contiguous , and they can ’t overlap with other subnets’ ranges. 8 Enter the subnet mask f or the network address range . 9 Choose the Network Interface from the pop-up menu. 10 Enter the IP addre ss of the router for this subnet. If the[...]
-
Página 12
12 Chapter 1 DHCP Service Deleting Subnets Fr om DHCP Ser vice Y ou can delete subnets and subnet IP address ranges when they will no longer be distributed to clients . T o delete subnets or address r anges: 1 In Ser ver Admin, choose DHCP from the Computers & Services list. 2 Click Settings. 3 Select a subnet. 4 Click Delete. 5 Click Save t o [...]
-
Página 13
Chapter 1 DHCP Service 13 Setting LDAP Options for a Subnet Y ou can use DHCP to provide your clients with LDAP ser ver information rather than manually configuring each client’ s LDAP information. The order in which the LDAP ser vers appear in the list determine s their search order in the automatic Open Directory search polic y . If you have ar[...]
-
Página 14
14 Chapter 1 DHCP Service T o set WINS options for a subnet: 1 In Ser ver Admin, choose DHCP from the Computers & Services list. 2 Click Settings. 3 Select the Subnets tab. 4 Select a subnet and click Edit. 5 Click the WINS tab . 6 Enter the domain name or IP addre ss of the WINS/NBNS primar y and secondar y ser vers for this subnet. 7 Enter th[...]
-
Página 15
Chapter 1 DHCP Service 15 Setting the Log Detail Lev el for DHCP Service Y ou can choose the level of detail you want to log for DHCP ser vice. • “Low (err ors only)” will indicate conditions for which you need to take immediate action (for example, if the DHCP ser ver can ’t start up). This level corresponds to bootpd reporting in “ quie[...]
-
Página 16
16 Chapter 1 DHCP Service Where to F ind More Information Request for C omments (RFC) documents pr ovide an overview of a protocol or service and details about how the protocol should behave. I f you’ re a novice ser ver administrator , you ’ll probably find some of the background information in an RFC helpful. If you’ re an experienced ser v[...]
-
Página 17
2 17 2 DNS Ser vice When your clients want to connec t to a network resource such as a web or file ser ver , they typically request it by its domain name (such as www .example .com) rather than by its IP address (such as 1 92. 1 68. 1 2. 1 2). The Domain Name System (DNS) is a distributed database that maps IP addresses to domain names so your clie[...]
-
Página 18
18 Chapter 2 DNS Service Befor e Y ou Set Up DNS Ser vice This section contains information you should consider before setting up DNS on your network. T he issues in volved with DNS administration are complex and numer ous. Y ou should only set up DNS ser vice on your network if you’ re an experienced DNS administrator . Y ou should consider crea[...]
-
Página 19
Chapter 2 DNS Service 19 Once you register a domain name, you can create subdomains within it as long as you set up a DNS ser ver on your network to k eep track of the subdomain names and IP addresses . F or example, if you register the domain name “ example.com,” you could create subdomains such as “host1 .example.com,” “mail.example.com[...]
-
Página 20
20 Chapter 2 DNS Service The configuration file is located in this file: /etc/named.conf The zone file name is based on the name of the zone . For example , the zone file “ example.com ” is located in this file: /var/named/example.com.z one See “Configuring BIND Using the Command Line ” on page 37 f or more information. Step 3: Configure ba[...]
-
Página 21
Chapter 2 DNS Service 21 Managing DNS Ser vice Mac OS X Ser ver provides a simple int er face for starting and stopping DNS ser vice as well as viewing logs and status. Basic DNS settings can be configured with Ser ver Admin. More advanced feature s require configuring BIND from the command-line , and are not cover ed here. Star ting and Stopping D[...]
-
Página 22
22 Chapter 2 DNS Service T o enable or disable recursion: 1 In Ser ver Admin, choose DNS in the Computer & Ser vices list. 2 Click Settings. 3 Select the G eneral tab . 4 Select or deselect Allow Recursion as needed. If you choose to enable recursion, consider disabling it for external IP addresses, but enabling it for LAN IP addresse s, by edi[...]
-
Página 23
Chapter 2 DNS Service 23 T o add a master zone: 1 In Ser ver Admin, choose DNS in the Computer & Ser vices list. 2 Click Settings. 3 Select the Zones tab . 4 Click Add beneath the Z ones list. 5 Enter a zone name . The zone name must ha ve a trailing period: “ example.com.” 6 Choose Master from the Zone T ype pop-up menu. 7 Enter the hostna[...]
-
Página 24
24 Chapter 2 DNS Service Adding a F or ward Z one A forward zone directs all lookup requests to other DNS servers. T o add a forward zone: 1 In Ser ver Admin, choose DNS in the Computer & Ser vices list. 2 Click Settings. 3 Select the Zones tab . 4 Click Add beneath the Z ones list. 5 Enter a zone name . The Zone name must ha ve a trailing peri[...]
-
Página 25
Chapter 2 DNS Service 25 Modifying a Zone This section describes modifying a zone ’ s t ype and settings but not modifying the records within a zone . Y ou may need to change a zone ’ s administrator addre ss, t ype, or domain name. T o modify a zone: 1 In Ser ver Admin, choose DNS in the Computer & Ser vices list. 2 Click Settings. 3 Selec[...]
-
Página 26
26 Chapter 2 DNS Service • Name Ser ver (NS): Store s the authoritative name server for a given z one. • P ointer (PTR): Store s the domain name of a given IP addre ss (reverse lookup). • T ext ( T XT ): Stor es a text string as a response to a DNS quer y . If you need access to other k inds of records, you’ll need to edit BIND’ s configu[...]
-
Página 27
Chapter 2 DNS Service 27 Modifying a Record in a Z one If you make frequent changes to the namespace for the domain, you ’ll need to update the DNS records as often as that namespace change s. Upgrading hardware or adding to a domain name might require updating the DNS recor ds as well. T o modify a record: 1 In Ser ver Admin, choose DNS in the C[...]
-
Página 28
28 Chapter 2 DNS Service Monitoring DNS Y ou may want to monit or DNS status to troubleshoot name r esolution problems , check how often the DNS service is used, or even check f or unauthoriz ed or malicious DNS ser vice use. This section discusses common monitoring tasks for DNS service. Viewing DNS Ser vice Status Y ou can check the DNS Status wi[...]
-
Página 29
Chapter 2 DNS Service 29 T o change the log detail level: 1 In Ser ver Admin, choose DNS in the Computer & Ser vices list. 2 Click Settings. 3 Select the Logging tab . 4 Choose the detail level from the L og Lev el pop-up menu. The possible log levels are: • Critical (less detailed) • Error • W arning • Notice • Information • Debug [...]
-
Página 30
30 Chapter 2 DNS Service T o see DNS usage statistics: 1 In Ser ver Admin, choose DNS in the Computer & Ser vices list. 2 Click Activity to view operations currently in progress and usage statistics . Securing the DNS Ser ver DNS ser vers are target ed by malicious computer users (commonly called “hack ers”) in addition to other legitimate [...]
-
Página 31
Chapter 2 DNS Service 31 With a copy of your master zone , the hacker can see what kinds of ser vices a domain offers , and the IP addre ss of the ser vers that offer them. He or she can then tr y specific attacks based on those ser vices. This is reconnaissance bef ore another attack. T o defend against this attack, you need to specify which IP ad[...]
-
Página 32
32 Chapter 2 DNS Service It is difficult to prevent this type of attack before it begins. Constant monitoring of the DNS ser vice and ser ver load allows an administrator t o catch the attack early and mitigate its damaging effect. The easiest way t o guard against this attack is to block the off ending IP address with your firewall. See “Creatin[...]
-
Página 33
Chapter 2 DNS Service 33 Common Netw ork Administration T asks That Use DNS Ser vice The following sections illustrate some common netw ork administration tasks that require DNS service. Setting Up MX Records If you plan to provide mail ser vice on your network, you must set up DNS so that incoming mail is sent to the appropriate mail host on your [...]
-
Página 34
34 Chapter 2 DNS Service Configuring DNS f or Mail Ser vice Configuring DNS f or mail service is enabling Mail Exchange (MX) records with y our own DNS ser ver . If you have an Internet Service Provider (ISP) that provides you with DNS ser vice, you’ll need to contact the ISP so that they can enable your MX records. Only follow these steps if you[...]
-
Página 35
Chapter 2 DNS Service 35 Step 2: Create records and priorities f or the auxiliary mail servers These instruction assume you have edited the original MX record. I f not, please do so before proceeding . These instructions also assume you have already set up and configured one or more auxiliary mail ser vers. T o enable backup or redundan t mail serv[...]
-
Página 36
36 Chapter 2 DNS Service Mac OS X’ s Rendezvous feature allows you to use hostnames on your local subnet that end with the “.local” suffix without having to enable DNS. Any ser vice or device that supports Rendezvous allows the use of user-defined namespace on your local subnet without setting up and configuring DNS. Network L oad Distributio[...]
-
Página 37
Chapter 2 DNS Service 37 If you set up a private T CP/IP network, you can also provide DNS ser vice. By setting up T CP/IP and DNS on your local area network, your users will be able to easily access file, web , mail, and other ser vices on your network. Hosting Several In ternet Ser vices With a Single IP Address Y ou must ha ve one server supplyi[...]
-
Página 38
38 Chapter 2 DNS Service BIND is configured by editing text files containing inf ormation about how you wan t BIND to behave and information about the ser vers on your network. If you wish to learn more about DNS and BIND , re sources are listed at the end of this chapt er . BIND on Mac OS X Ser ver Mac OS X Ser ver uses BIND version 9 .2.2. Y ou c[...]
-
Página 39
Chapter 2 DNS Service 39 Setting Up Sample Configuration F iles The sample files can be f ound in /usr/share/named/examples. The sample files assume a domain name of example.com behind the NA T . This may be changed, but must be changed in all modified configuration files. T his includes renaming /var/named/example .com.zone to the giv en domain na[...]
-
Página 40
40 Chapter 2 DNS Service If you are using Mac OS X Server as your DHCP Server: 1 In Ser ver Settings, click the Network tab, click DHCP/NetBoot, and choose Configure DHCP/NetBoot. 2 On the Subnet tab , selec t the subnet on the built-in Ethernet port and click Edit. 3 In the General tab , ent er the following inf ormation: Start: 1 0.0. 1 .3 End: 1[...]
-
Página 41
Chapter 2 DNS Service 41 F or instance, if “Bob” walks into work in the morning and starts up his computer , and the DHCP ser ver assigns his computer a dynamic IP addre ss, a DNS entr y “bob .example.com ” can be associated with that IP address. Even though Bob ’ s IP address may change ev ery time he star ts up his computer , his DNS na[...]
-
Página 42
LL2351.Book Page 42 Monday, September 8, 2003 2:47 PM[...]
-
Página 43
3 43 3 IP F irewall S er vice Fir ewall ser vice is software that protects the network applications running on your Mac OS X Ser ver. T urning on firewall service is similar to erecting a wall to limit access. Fir ewall ser vice scans incoming IP packets and rejects or accepts these packets based on the set of filters you create. Y ou can restrict [...]
-
Página 44
44 Chapter 3 IP Firewall Service Ser vices such as W eb and FTP are identified on your ser ver by a T ransmission Contr ol Prot ocol ( T CP) or User Datagram Pr otocol (UDP) port number . When a computer tries to connect to a ser vice, firewall ser vice scans the filter list for a matching port number . • If the por t number is in the filter list[...]
-
Página 45
Chapter 3 IP Firewall Service 45 Understanding F irewall F ilters When you star t firewall ser vice, the default configuration denies access to all incoming packets from remote computers ex cept ports for remote configuration. T his provides a high level of security . Y ou can then add new IP filters to allow ser ver access to those clients who req[...]
-
Página 46
46 Chapter 3 IP Firewall Service Addresse s with subnet masks in CIDR notation corres pond to address notation subnet masks. CIDR Corre sponds to Netmask Number of addresses in the range /1 1 28.0.0.0 4.29x1 0 9 /2 1 92.0.0.0 2. 1 4x1 0 9 /3 22 4.0.0.0 1 .07x1 0 9 /4 240.0.0.0 5 .36x1 0 8 /5 248.0.0.0 1 .34x1 0 8 /6 25 2.0.0.0 6.7 1x1 0 7 /7 254.0.[...]
-
Página 47
Chapter 3 IP Firewall Service 47 Using A ddress Ranges When you create filters using Ser ver Admin, you enter an IP address and the CIDR format subnet mask. Ser ver Admin shows you the resulting address range, and you can change the range by modifying the subnet mask. When y ou indicate a range of possible values f or any segment of an addr ess , t[...]
-
Página 48
48 Chapter 3 IP Firewall Service Setting Up F irewall Ser vice for the F irst Time Once you’v e decided which filters you need to create, follow these overview steps to set up firewall ser vice. If you need more help to per form any of these steps, see “Managing Firewall Service” on page 49 and the other topics referred to in the steps . Step[...]
-
Página 49
Chapter 3 IP Firewall Service 49 Step 5: S av e firewall service changes Once you have configured your filters and determined which ser vices to allow , sa ve your changes so the new settings take effect. Managing F irewall Service This section gives step-by-st ep instructions for starting, stopping , and configuring firewall address groups and fil[...]
-
Página 50
50 Chapter 3 IP Firewall Service • DNS/Rendezvous • ICMP Echo Reply (incoming pings) • IGMP (Internet Gateway Multicast P rot ocol) • PPTP VPN • L2TP VPN • QT SS media streaming • iT unes Music Sharing T o open the firewall for standard services: 1 In Ser ver Admin, choose Firewall from the C omputers & Services list. 2 Click Sett[...]
-
Página 51
Chapter 3 IP Firewall Service 51 Editing or Deleting an Addr ess Group Y ou can edit your address groups to change the range of IP addresses effected. The default address group is for all addresses. Y ou can remove address groups from your firewall filter list. The filters associated with those addr esses are also deleted . Addresse s can be listed[...]
-
Página 52
52 Chapter 3 IP Firewall Service T o create an IP filt er for TCP ports: 1 In Ser ver Admin, choose Firewall from the C omputers & Services list. 2 Click Settings. 3 Select the Advanced tab . 4 Click the New button. Alternatively , you can selec t a rule similar to the one you want to create, and click Duplicate then Edit. 5 Select whether this[...]
-
Página 53
Chapter 3 IP Firewall Service 53 • Remote Desktop • NFS • NetInfo UDP ports above 1 02 3 are allocated dynamically by certain ser vices, so their exact por t numbers may not be determined in adv ance. Addresse s can be listed as individual addresse s (1 9 2. 1 68.2.2) or IP address and CIDR netmask (1 92 . 1 68.2.0/24). T o easily configure U[...]
-
Página 54
54 Chapter 3 IP Firewall Service Editing Adv anced IP F ilters If you edit a filter after turning on firewall ser vice, your changes affect connections already established with the server . F or example, if an y computers are connected to your W eb server , and you change the filter to deny all access to the ser ver , connected computers will be di[...]
-
Página 55
Chapter 3 IP Firewall Service 55 Monitoring F irewall Ser vice Fir ewalls are a networks first line of def ense against malicious computer users (commonly called “hackers”). T o maintain the securit y of your computers and users , you need to monitor firewall activity and deter potential threats. This sections explains how to log and monitor yo[...]
-
Página 56
56 Chapter 3 IP Firewall Service Log Example 1 Dec 12 13:08:16 ballch5 mach_kernel: ipfw: 65000 Unreach TCP 10.221.41.33:2190 192.168.12.12:80 in via en0 This entry shows that firewall service used rule 65000 to deny (unreach) the remote client at 1 0.22 1 .4 1 .33:2 1 90 from accessing server 1 92. 1 68. 1 2. 1 2 on W eb port 80 via Ethernet port [...]
-
Página 57
Chapter 3 IP Firewall Service 57 Pr actical Examples The IP filters you create work together to provide securit y for your network. The examples that follow sho w how to use filters t o achieve some specific goals . Block Acce ss to In ternet Users This section shows you, as an example, how to allow users on your subnet access to your ser ver’ s [...]
-
Página 58
58 Chapter 3 IP Firewall Service T o do this: 1 In Ser ver Admin, choose Firewall from the C omputers & Services list. 2 Click Settings. 3 Select the G eneral tab . 4 Select the Any address group . 5 Enable “SMTP Mail” in the right pane. 6 Click the Add button to cr eate an address range . 7 Name the address group . 8 Enter 1 7 . 1 28. 1 00[...]
-
Página 59
Chapter 3 IP Firewall Service 59 Common Netw ork Administration T asks That Use F irewall Ser vice Y our firewall is the first line of defense against una uthorized network in truders, malicious users, and network virus attacks. There are many ways that such attacks can harm your data or use your network resources. This section lists a few of the c[...]
-
Página 60
60 Chapter 3 IP Firewall Service Con trolling or Enabling Netw ork Game U sage Sometimes network administrators need t o control the use of network game s. The games might use network bandwidth and re sources inappropriately or disproportionately . Y ou can cut off network gaming by blocking all traffic incoming and outgoing on the port number used[...]
-
Página 61
Chapter 3 IP Firewall Service 61 If you want to put your own rules in the ipfw .conf file, you can use a template that is installed at /etc/ipfilter/ipfw .conf.default. Duplicate the file, rename it, and edit it as indicated in the template ’ s comments. Preca utions By using the Advanced panel or creating your own rules, you can put the ser ver [...]
-
Página 62
62 Chapter 3 IP Firewall Service Reviewing IP F ilter Rules T o review the rules currently defined f or your server , use the T erminal application to submit the ipfw show command. The show command display s four columns of information: When you t ype: ipfw show Y ou will see information similar to this: 0010 260 32688 allow log ip from any to any [...]
-
Página 63
Chapter 3 IP Firewall Service 63 Deleting IP Filter Rule s T o delete a rule, use the ipfw delete command. This example deletes rule 2 00: ipfw delete 200 F or more information, consult the man pages for ipfw . P or t Reference The follo wing tables show the TCP and UDP port numbers commonly used by Mac OS X computers and M ac OS X Ser vers. The se[...]
-
Página 64
64 Chapter 3 IP Firewall Service 31 1 AppleShare IP remote Web administration, Server Monitor , Ser ver Admin (servermgrd), W orkgroup Manager (DirectoryS er vice) 389 LDAP (director y) Sherlock 2 LDAP search RFC 225 1 427 SLP (service location) 443 SSL (HTTPS) 514 shell 515 LPR (printing) RFC 1 1 79 532 netnews 548 AFP (AppleShare) 55 4 Real-Time [...]
-
Página 65
Chapter 3 IP Firewall Service 65 8000–8999 W eb service 1 6080 W eb service with per formance cache UDP port U sed for Reference 7 echo 53 DNS 67 DHCP server (BootP) 68 DHCP client 69 T rivial File T ransfer P rotocol ( TFTP) 111 Remote Procedur e Call (RPC) 12 3 Network Time P rotocol RFC 1 305 13 7 Windows Name Ser vice ( WINS) 13 8 Windows Dat[...]
-
Página 66
66 Chapter 3 IP Firewall Service Where to F ind More Information F or more information about ipfw: Y ou can find more information about ipfw , the process which con trols IP firewall ser vice, by accessing its man page. It explains how to access its f eatures and implement them. T o access the man page use the T erminal application to enter: man ip[...]
-
Página 67
4 67 4 NA T Ser vice Network Addr ess Tr anslation (NA T ) is sometimes referr ed to as IP masquerading , or IP aliasing. NA T is used to allow multiple computers acce ss to the Internet with only one assigned IP address. NA T allows you to create a private network which accesses the Internet through a NA T router or gateway . The NA T router takes[...]
-
Página 68
68 Chapter 4 NAT Service Configuring NA T Ser vice Y ou use Ser ver Admin to indicat e which network interface is connected to the Internet or other external network. T o configure NA T ser vice: 1 In Ser ver Admin, selec t NA T from the C omputers & Ser vices pane. 2 Click Settings. 3 Choose the network inter face from the “Share your connec[...]
-
Página 69
Chapter 4 NAT Service 69 T o view the NA T diver t log: 1 In the T erminal application enter: ipfw add 10 divert natd all from any to any via <interface> Where <interface> is the network interface selec ted in the NA T section of Ser ver Admin. 2 In Ser ver Admin, choose Firewall from the C omputers & Services list. 3 Click Settings[...]
-
Página 70
LL2351.Book Page 70 Monday, September 8, 2003 2:47 PM[...]
-
Página 71
5 71 5 VPN Ser vice Vir tual Priv ate Network ( VPN) is two or more computers or networks (node s) connected by a privat e link of encr ypted data. T his link simulates a local connection, as if the remote computer w ere attached to the local area netw ork (LAN). VPNs allow users at home or otherwise away from the LAN to securely connect to it usin[...]
-
Página 72
72 Chapter 5 VPN Service VPN and Security VPNs stress security by strong authen tication of identity , and encrypted data transport between the nodes , for data privacy and inalterabilit y . The following section contains information about each supported transport and authentication method. Authen tication Method Mac OS X Ser ver VPN uses Microsoft[...]
-
Página 73
Chapter 5 VPN Service 73 Befor e Y ou Set Up VPN Ser vice Before setting up Vir tual Private Network ( VPN) ser vice, you need to determine which transport protocol you’ re going to use. The table below shows which protocols are supported by different platf orms. If you’ re using L2TP , you need to have a Security Certificate from a Certificate[...]
-
Página 74
74 Chapter 5 VPN Service T o enable L2TP: 1 In Ser ver Admin, choose the VPN Service from the Computers & Services list. 2 Click Settings. 3 Select the G eneral tab . 4 Select L2TP . 5 Enter the shared secr et. 6 Set the beginning IP address of the allocation range. 7 Set the ending IP address of the allocation range. 8 Enter the group that has[...]
-
Página 75
Chapter 5 VPN Service 75 Configuring A dditional Netw ork Settings for VPN Clients When a user connects in to your ser ver through VPN, that user is given an IP address from your allocated range. If this range is not ser ved by a DHCP ser ver , you ’ll need to configure additional network settings. The se setting include the network mask, DNS add[...]
-
Página 76
76 Chapter 5 VPN Service Monitoring VPN Ser vice This section describes tasks associated with monitoring a functioning VPN ser vice. It includes accessing status reports, setting logging options, viewing logs, and monitoring connections. Viewing a VPN Status Overview The VPN Over view gives you a quick status repor t on your enabled VPN ser vices. [...]
-
Página 77
Chapter 5 VPN Service 77 Viewing the VPN Log Y ou’ll need to monitor VPN logs to ensure smooth operation of your Virtual Priv ate Network. The VPN logs can help you troubleshoot problems. T o view the log: 1 In Ser ver Admin, choose VPN Service from the Computers & Services list. 2 Click Logs. Viewing VPN Client C onnections Y ou can monitor [...]
-
Página 78
LL2351.Book Page 78 Monday, September 8, 2003 2:47 PM[...]
-
Página 79
6 79 6 NTP Ser vice Network Time Protocol (NTP) is a network pr otocol used to synchroniz e the clocks of computers on your network to a time reference clock. NTP is used to ensure that all the computers on a network are r eporting the same time. If an isolated network, or even a single computer , is running on wrong time, ser vices that use time a[...]
-
Página 80
80 Chapter 6 NTP Service Using NTP on Y our Network Mac OS X Ser ver can act not only as an NTP client, receiving a uthoritative time from an Internet time server , but also as an a uthoritative time server for a network. Y our local clients can query your ser ver to set their clocks . It’ s advised that if you set your server to answer time quer[...]
-
Página 81
Chapter 6 NTP Service 81 Configuring NTP on Clien ts If you have set up a local time ser ver , you can configure your clients to quer y your time ser ver for getting the netw ork date and time. By default, clients can quer y Apple’ s time ser ver . The se instructions allow you to set your clients to quer y your time ser ver . T o configure NTP o[...]
-
Página 82
LL2351.Book Page 82 Monday, September 8, 2003 2:47 PM[...]
-
Página 83
7 83 7 IPv6 Suppor t IPv6 is shor t for “Internet P rot ocol V ersion 6."IPv6 is the Int ernet’ s nex t-generation protocol designed to r eplace the current In ternet Pr otocol, IP V ersion 4 (IPv4, or just IP). The current In ternet P rotocol is beginning to ha ve problems coping with the gro wth and popularity of the Internet. IPv4’ s [...]
-
Página 84
84 Chapter 7 IPv6 Support IPv6 Enabled Ser vices The following services in Mac OS X Ser ver support IPv6 in addressing: • DNS (BIND) • IP Fir ewall • Mail (POP/IMAP/SMTP) • SMB • W eb (Apache 2) Additionally , there are a number of command-line tools installed with M ac OS X Ser ver that suppor t IPv6 (for example , ping6, and tracerout e[...]
-
Página 85
Chapter 7 IPv6 Support 85 The final notation type includes IPv4 addresses. Because many IPv6 addr esses are extensions of IPv4 addresses , the right-most four b ytes of an IPv6 addre ss (the right- most two byte pairs) can be r ewritten in the IPv4 notation. T his mixed notation (from the above example) could be expre ssed as: E3C5:4AC8:1 92. 1 68.[...]
-
Página 86
86 Chapter 7 IPv6 Support Where to F ind More Information The working group for the In ternet Pr otocol Version 6 websit e is www .ipv6.org . A group of IPv6 enthusiasts maintains a list of applications that support IPv6 at the website www .ipv6forum.com/navbar/links/v6apps.htm. Request F or Commen t Documents Request for C omments (RFC) documents [...]
-
Página 87
87 Glossary Glossar y This glossary defines terms and spells out abbreviations you ma y encounter while working with online help or the Mac OS X Ser ver Network Ser vices Administration for V ersion 1 0.3 or Later manual. Refer ences to terms defined elsewher e in the glossary appear in italics. bit A single piece of information, with a value of ei[...]
-
Página 88
88 Glossary firewall Software that protects the network applications running on your ser ver . IP firewall service, which is part of Mac OS X S er ver software, scans incoming IP packets and rejects or accepts these pack ets based on a set of filters you create. FTP (File T ransfer Protocol) A pr otocol that allows computers t o transfer files o ve[...]
-
Página 89
Glossary 89 ISP (Internet service provider) A busine ss that sells Internet access and often pro vides web hosting for ecommer ce applications as well as mail services. L2TP (Layer T wo T unnelling Protocol) A network trans por t protocol used for VPN connections. It is essentially a combination of Cisco ’ s L2F and PPTP . L2TP itself is not an e[...]
-
Página 90
90 Glossary multicast An efficient, one-to-many form of streaming . Users can join or lea ve a multicast but cannot other wise interact with it. multihoming The ability to suppor t multiple network connections. When more than one connection is available , Mac OS X selects the best connection according to the order specified in Netw ork preference s[...]
-
Página 91
Glossary 91 port A sor t of vir tual mail slot. A server uses port numbers to determine which application should receive data pack et s. Fir ewalls use port numbers to determine whether or not data packets are allowed to tra verse a local network. “P ort ” usually refers to either a TCP or UDP por t. protocol A set of rule s that determines how[...]
-
Página 92
92 Glossary SLP (Ser vice Location P rotoc ol) DA (Directory Agent) A protocol that registers ser vices av ailable on a network and give s users easy access to them. W hen a ser vice is added to the network, the ser vice uses SLP to register itself on the network. SLP/DA uses a centralized r epository for registered network services. SMTP (Simple M[...]
-
Página 93
Glossary 93 UDP (User Datagram P rotoc ol) A communications method that uses the Internet Prot ocol (IP) to send a data unit (called a datagram) from one computer t o another in a network. Network applications that have very small data units to exchange ma y use UDP rather than T CP . unicast The one-to-one f orm of streaming. If RTSP is provided ,[...]
-
Página 94
LL2351.Book Page 94 Monday, September 8, 2003 2:47 PM[...]
-
Página 95
95 Index Index A AirPort Base Stations DHCP service and 9 B BIND 17, 18, 19, 37–40 about 37 configuration File 38 configuring 37–40 defined 37 example 38–40 load distribution 36 zone data files 38 C CIDR netmask notation 45, 47 D DHCP servers 8, 40 interactions 9 network location 8 DHCP service 7–16 AirPort Base Stations 9 changing subnets [...]
-
Página 96
96 Index I IANA registration 18 In 6 Internet Gateway Multicast Protocol See IGMP Internet Protocol Version 6 See IPv6 IP addresses assigning 9 DHCP and 7 DHCP lease times, changing 12 dynamic 8 dynamic allocation 8 IPv6 notation 84 leasing with DHCP 7 multiple 47 precedence in filters 47 ranges 47 reserved 9 static 8 IP Filter module 61–63 IP fi[...]
-
Página 97
97 Index P ports Mac OS X computers 63–65 TCP ports 63–64 UDP ports 65 R round robin 36 rules, IP filter 61–63 S Server 10, 15, 57, 58, 69 servers DHCP servers 40 name servers 18 static IP addresses 8 Stratum time servers 79 subnet masks 45 subnets 8 creating 8, 10 T TCP/IP private networks 36–37 TCP ports 63–65 Terminal application 62 ti[...]