Apple Mac OS X Server Network Card User Manual


 
Chapter 14 Working with Network Services 227
dns:queriesArray:_array_index:4:value = -1
dns:queriesArray:_array_index:5:name = "SOA_QUERIES"
dns:queriesArray:_array_index:5:value = -1
dns:queriesArray:_array_index:6:name = "TXT_QUERIES"
dns:queriesArray:_array_index:6:value = -1
dns:nxdomain = 0
dns:nxrrset = 0
dns:reloadedTime = ""
dns:success = 0
dns:failure = 0
dns:recursion = 0
dns:startedTime = "2003-09-10 11:24:03 -0700"
dns:referral = 0
Configuring IP Forwarding
You can configure Mac OS X Server to provide routing services by configuring the
network interfaces properly and enabling IP forwarding. A server providing routing
services requires at least two interfaces, one to connect to the internal network and
one to connect to the public network. Each of these interfaces needs to be configured
correctly to allow it to route network data.
After the interfaces are configured to allow the server computer to communicate on
the two networks, you need to enable the computer to forward traffic between the two
networks. IP forwarding is enabled by using the sysctl tool, run as root, to set the
net.inet.ip.forwarding kernel variable to 1 as follows:
$ sudo sysctl -w net.inet.ip.forwarding=1
This change takes effect immediately but does not persist after you restart the
computer. To have IP forwarding enabled each time Mac OS X Server starts up, set the
IPFORWARDING flag in the /etc/hostconfig file to -YES-.
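The following check is an added example, not part of the original manual: a POSIX shell script that compares the running forwarding value with the IPFORWARDING flag in a hostconfig-style file, so that a server routing only until the next restart, or one set to begin routing at the next startup, is reported. The function names and state labels are hypothetical, and the sample file is constructed.

```shell
#!/bin/sh
# Added example: compare the running IP forwarding state with the startup setting.

# Print the IPFORWARDING value from a hostconfig-style file: YES, NO, or UNSET.
hostconfig_ipforwarding() {
    # Commented-out lines are ignored; the last active assignment wins.
    val=$(sed -n 's/^[[:space:]]*IPFORWARDING=-\([A-Z]*\)-.*/\1/p' "$1" | tail -n 1)
    case "$val" in
        YES|NO) echo "$val" ;;
        *)      echo "UNSET" ;;
    esac
}

# Classify the host from the runtime value (0 or 1) and a hostconfig file.
forwarding_state() {
    runtime=$1
    boot=$(hostconfig_ipforwarding "$2")
    case "$runtime:$boot" in
        1:YES) echo "routing-persistent" ;;     # routes now and after restart
        1:*)   echo "routing-until-reboot" ;;   # sysctl set by hand only
        0:YES) echo "routing-after-reboot" ;;   # flag set, kernel not yet changed
        0:*)   echo "not-routing" ;;
        *)     echo "unknown"; return 2 ;;
    esac
}

# Write a constructed sample hostconfig (not taken from a real server).
make_sample() {
    cat > "$1" <<'EOF'
# /etc/hostconfig (constructed sample)
AFPSERVER=-NO-
#IPFORWARDING=-YES-
IPFORWARDING=-NO-
EOF
}

# Live use on the server reads the runtime value from the kernel:
#   forwarding_state "$(sysctl -n net.inet.ip.forwarding)" /etc/hostconfig
```

Any state other than routing-persistent or not-routing means the running kernel and the startup configuration disagree, which is worth resolving before the next restart changes the server's behavior.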
Managing the Firewall Service
Mac OS X Server uses the reliable open source IPFW2 software for its firewall service. To
protect your network applications, the firewall service scans incoming IP packets and
rejects or accepts them based on the set of filters you create. You can restrict access to
any IP service running on the server, and you can customize filters for all incoming
clients or for a range of client IP addresses.
The firewall service relies on the ipfw tool included with Mac OS X Server. The ipfw tool
is a content filter that uses rules to decide which packets to allow and which to deny.