Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (SunOS-5.9)
Apropos / Subsearch:
optional field

File Formats                                        securenets(4)

     securenets - configuration file for NIS security


     The  /var/yp/securenets file defines the networks  or  hosts
     which  are  allowed  access  to  information  by the Network
     Information Service ("NIS").

     The format of the file is as follows:

        o  Lines beginning with the ``#'' character  are  treated
           as comments.

        o  Otherwise, each line contains two fields separated  by
           white space.  The first field is a netmask, the second
           a network.

        o  The  netmask  field  may  be  either
           (IPv4), ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff (IPv6)
           , or the string ``host'' indicating  that  the  second
           field is a specific host to be allowed access.

     Both ypserv(1M) and ypxfrd(1M)  use  the  /var/yp/securenets
     file.   The file is read when the  ypserv(1M) and ypxfrd(1M)
     daemons begin. If /var/yp/securenets is present,  ypserv(1M)
     and  ypxfrd(1M)  respond  only  to IP addresses in the range
     given.  In order for a change in the /var/yp/securenets file
     to take effect, you must kill and restart any active daemons
     using ypstop(1M) and ypstart(1M).

     An important thing to note for all  the  examples  below  is
     that the server must be allowed to access itself. You accom-
     plish this either by the server being part of a subnet  that
     is  allowed to access the server, or by adding an individual
     entry, as the following:


     Example 1: Access for Individual Entries

     If individual machines are to  be  give  access,  the  entry
     could be:


SunOS 5.9           Last change: 26 Apr 1999                    1

File Formats                                        securenets(4)

     Example 2: Access for a Class C Network

     If access is to be given to an entire class C  network,  the
     entry could be:

     Example 3: Access for a Class B Network

     The entry for access to a class B network could be:

     Example 4: Access for an Invidual IPv6 Address

     Similarly, to allow access for an individual IPv6 address:

     ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff  fec0::111:abba:ace0:fba5e:1

     host  fec0::111:abba:ace0:fba5e:1

     Example 5: Access for all IPv6 Addresses Starting with fe80

     To allow access for all IPv6 addresses starting with fe80:

     ffff::  fe80::

           Configuration file for
            NIS security.

     ypserv(1M), ypstart(1M), ypstop(1M), ypxfrd(1M)

     The Network Information Service (NIS) was formerly known  as
     Sun Yellow Pages (YP).  The functionality of the two remains
     the same; only the name has changed. The name  Yellow  Pages
     is  a  registered trademark in the United Kingdom of British
     Telecommunications plc, and may not be used without  permis-

SunOS 5.9           Last change: 26 Apr 1999                    2