Firewalld implements a zone concept. To allow access to services based on the source address, just create a new zone, add source addresses and services to the zone and you are done.
Here is an example.
First we create a new zone named test
This new zone shall be effective for source in the 10.100.250.0/24 address range
Now we add ports 22 (represented by the predefined service ssh) and 8080 to the zone
These commands created and populated the file /etc/firewalld/zones/test.xml
When you are done, activate your changes with
A good documentation of firewalld can be found here: Firewalld - FedoraProject
I"m installing my ATI card in FC4. I'm going off of instructions that i've found. The firs step says that i need my kernel sources which i've got then it says that i've gotta unpack them so i can make links to the file later. My kernel sources that i've got are .src.rpm I've installed them but... (1 Reply)
So, I was browsing groklaw.net, and I was surprised to read that Pamela Jones was reading the copyright notices in the UnixWare 7.1.1 source code files...
Groklaw - Santa Cruz Listed Novell as Owning the Copyrights in 1999
How can that be? Are the UnixWare 7.1.1 sources available to the... (1 Reply)
I had a doubt if any services need to be restarted if port no in /etc/services in an RHEL setup is changed. For eg, the port no of 443 for SSL may need to be changed.
I hope my query is clear whether any services need to be restarted if port no in /etc/services is changed.
Please revert with... (10 Replies)
Hi,
I just started working on a script. After my research, i found a command which can help me:
AIM: To build a script which starts the services (Services 1) on server 1 automatically whenever its down. And it has a dependency on other service (Service 2) on Server 2.
So my script has to... (4 Replies)
Hi,
What is the syntax to configure sntp client to have multiple time sources?
I tried to use the below syntax, but when the src1 is not reachable, the sntp does not even try to sync to src2:
# /usr/sbin/sntp -P no -r src1 src2
sntp: receive timed out after 3 seconds
sntp: receive timed... (0 Replies)
I am working in IT company working for banks.I find hardly to get technology about bank IT on the internet.Consider banks all using Unix, I think I can get some help here.
Recommend some sits or books about bank IT will be very helpful!! (0 Replies)
New to firewalld, and having an issue trying to emulate my old iptable ruleset.
Server has one network interface, which I usually only allow SSH in from certain IPs, I know I can do this with rich rules but have read that this is sub-optimal.
So, I created a new zone, ABCinternal, added a... (8 Replies)
Discussion started by: fishface
8 Replies
LEARN ABOUT FREEBSD
ldap_cachemgr
ldap_cachemgr(1M) System Administration Commands ldap_cachemgr(1M)NAME
ldap_cachemgr - LDAP daemon to manage client configuration for LDAP based Network Information Service lookups
SYNOPSIS
/usr/lib/ldap/ldap_cachemgr [-l log-file] [-g]
DESCRIPTION
The ldap_cachemgr daemon is a process that provides an up-to-date configuration cache for LDAP naming services. It is started during multi-
user boot.
The ldap_cachemgr utility provides caching for all parameters as specified and used by the LDAP naming service clients. The ldap_cachemgr
utility uses the cache files which are originally created by executing the ldapclient(1M) utility, as cold start files. Updates to the
cache files take place dynamically if profiles are used to configure the client. See the init option to ldapclient(1M).
The ldap_cachemgr utility helps improve the performance of the clients that are using LDAP as the Naming service repository. In order for
the LDAP naming services to function properly, the ldap_cachemgr daemon must be running. ldap_cachemgr also improves system security by
making the configuration files readable by superuser only.
The cache maintained by this daemon is shared by all the processes that access LDAP Naming information. All processes access this cache
through a door call. On startup, ldap_cachemgr initializes the cache from the cache files. See ldapclient(1M). Thus, the cache survives
machine reboots.
The ldap_cachemgr daemon also acts as its own administration tool. If an instance of ldap_cachemgr is already running, commands are passed
transparently to the running version.
OPTIONS
The following options are supported:
-g Print current configuration and statistics to standard output. This is the only option executable without superuser
privileges.
-l log-file Cause ldap_cachemgr to use a log file other than the default /var/ldap/cachemgr.log.
EXAMPLES
Example 1: Stopping and Restarting the ldap_cachemgr Daemon
The following example shows how to stop and to restart the ldap_cachemgr daemon.
example# svcadm enable network/ldap/client
example# svcadm disable network/ldap/client
Example 2: Forcing ldap_cachemgr to Reread the /var/ldap/ldap_client_file and /var/ldap/ldap_client_cred Files
The following example shows how to force ldap_cachemgr to reread the /var/ldap/ldap_client_file and /var/ldap/ldap_client_cred files
example# pkill -HUP ldap_cachemgr
FILES
/var/ldap/cachemgr.log Default log file.
/var/ldap/ldap_client_file Files containing the LDAP configuration of the client. These files are not to be modified manually. Their
/var/ldap/ldap_client_cred content is not guaranteed to be human readable. Use ldapclient(1M) to update these files.
WARNINGS
The ldap_cachemgr utility is included in the Solaris 9 release on an uncommitted basis only. It is subject to change or removal in a
future minor release.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWnisu |
+-----------------------------+-----------------------------+
SEE ALSO ldap(1), ldapadd(1), ldapdelete(1), ldaplist(1), ldapmodify(1), ldapmodrdn(1), ldapsearch(1), pkill(1), svcs(1), idsconfig(1M), ldapad-
dent(1M), ldapclient(1M), suninstall(1M), svcadm(1M), signal.h(3HEAD), resolv.conf(4), attributes(5), smf(5)NOTES
The ldap_cachemgr service is managed by the service management facility, smf(5), under the service identifier:
svc:/network/ldap/client
Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed using svcadm(1M). The ser-
vice's status can be queried using the svcs(1) command.
SunOS 5.10 1 Aug 2004 ldap_cachemgr(1M)