SECURENETS(5) File Formats and Configurations SECURENETS(5)
NAME
securenets - configuration file for NIS security
SYNOPSIS
/var/yp/securenetsDESCRIPTION
The
/var/yp/securenets file defines the networks or hosts which are
allowed access to information by the Network Information Service
("
NIS").
The format of the file is as follows:
o Lines beginning with the ``#'' character are treated as
comments.
o Otherwise, each line contains two fields separated by
white space. The first field is a netmask, the second a
network.
o The netmask field may be either
255.255.255.255 (IPv4),
ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff (IPv6) , or the
string ``host'' indicating that the second field is a
specific host to be allowed access.
Both
ypserv(8) and
ypxfrd(8) use the
/var/yp/securenets file. The
file is read when the
ypserv(8) and
ypxfrd(8) daemons begin. If
/var/yp/securenets is present,
ypserv(8) and
ypxfrd(8) respond only
to
IP addresses in the range given. In order for a change in the
/var/yp/securenets file to take effect, you must kill and restart any
active daemons using
ypstop(8) and
ypstart(8).
An important thing to note for all the examples below is that the
server must be allowed to access itself. You accomplish this either
by the server being part of a subnet that is allowed to access the
server, or by adding an individual entry, as the following:
hosts 127.0.0.1
EXAMPLES
Example 1: Access for Individual Entries
If individual machines are to be give access, the entry could be:
255.255.255.255 192.9.1.20
or
host 192.0.1.20
Example 2: Access for a Class C Network
If access is to be given to an entire class C network, the entry
could be:
255.255.255.0 192.9.1.0
Example 3: Access for a Class B Network
The entry for access to a class B network could be:
255.255.0.0 9.9.0.0
Example 4: Access for an Individual IPv6 Address
Similarly, to allow access for an individual IPv6 address:
ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff fec0::111:abba:ace0:fba5e:1
or
host fec0::111:abba:ace0:fba5e:1
Example 5: Access for all IPv6 Addresses Starting with fe80
To allow access for all IPv6 addresses starting with fe80:
ffff:: fe80::
FILES
/var/yp/securenets Configuration file for
NIS security.
SEE ALSO
ypserv(8),
ypstart(8),
ypstop(8),
ypxfrd(8)NOTES
The Network Information Service (NIS) was formerly known as Sun
Yellow Pages (YP). The functionality of the two remains the same;
only the name has changed. The name Yellow Pages is a registered
trademark in the United Kingdom of British Telecommunications plc,
and may not be used without permission.
May 16, 2020 SECURENETS(5)
