hpux man page for securenets

Hpux Man Pages All Man Pages Latest Topics Forum Categories

Query: securenets

OS: hpux

Section: 4

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

securenets(4)						     Kernel Interfaces Manual						     securenets(4)


NAME

       securenets - NIS map security file


DESCRIPTION

       The  file  defines  networks  and  hosts  that  can  access the NIS maps on a server.  Each line in the file gives a network mask and a net
       address.  For example:

       The format of the file is as follows:

       o  Lines beginning with the character are treated as comments.

       o  Lines that are not comment lines contain two fields separated by white space.  The first field is a netmask, and the second field  is  a
	  network.

       o  The netmask field can be one of the following:

	      o  255.255.255.255 (IPv4)
	      o  ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff (IPv6)
	      o  the string indicating that the second field is a specific host to be allowed access.

       The file can have any number of netmask/net pairs.

       When  is  started  on  the  server,  it	checks	for the existence of and reads its contents into memory if it exists.  must be stopped and
       restarted for any changes in to take effect.

       Upon startup, the netmask and the net address are converted to binary format and logical ANDed.	The result must equal the net address (the
       second address) to be legal.

       If  the netmask is 255.255.255.255 (all 1's in binary), any address in the net address argument will match it.  If any field in the netmask
       is 0, the corresponding field in the net address must be 0.  When used in this way, the portion of the addresses given as 0 acts as a  wild
       card.

       When  a	client attempts to bind to the server, checks the client's IP against those given in the file.	Again, the address is converted to
       binary and logical ANDed with the netmask.  The result must equal the net address given in the file.  If the client address does not  match
       any pairs in the file, the binding is refused with the message, "no such map in server's NIS domain".

       The file can be used to limit access to specific hosts or to subnets using the wildcard capability.

       If there are syntax errors in the file, messages are logged to the logging file (default and is not started.

       If a host has multiple interfaces, each interface address must be allowed in the securenets file for that host to have reliable NIS access.


EXAMPLES

       The following examples show entries for the file.

       Either of the following entries provides access only to the host with address 192.33.33.33:

	      or

       The following entry allows access by any host on the 192.33.33 subnet:

       For broader access, such as an entire enterprise, the following entry allows any host whose address begins with "15" to be served:

       Either of the following entries allows access for an individual IPv6 address:

	      or

       The following entry allows access for all IPv6 addresses starting with "fec0":


SEE ALSO

       ypserv(1M).

																     securenets(4)
Related Man Pages
securenets(4) - sunos
securenets(4) - mojave
securenets(4) - posix
securenets(4) - php
securenets(4) - freebsd
Similar Topics in the Unix Linux Community
How to force the IP address working right now?
DHCPDECLINE error
basic unix question
"Permission denied" when changing IP netmask
Wpar network,i'm confused