Date: Tue, 23 May 2006 10:17:29 -0400
From: "David Robillard" <david.robillard@gmail.com>
To: "FreeBSD Questions Mailing List" <freebsd-questions@freebsd.org>
Cc: Steve Kargl <sgk@troutmask.apl.washington.edu>
Subject: Re: Setting up NIS questions?
Message-ID: <226ae0c60605230717p6cf15086y116b2fca5ae289b5@mail.gmail.com>

> I have 2 NICS in the master node of a small cluster.
> bge0 is connected to the outside world with a FQDN
> and registered DNS IP address.  bge1 is connected to
> a 192.168.0.x internal network.  I'm trying to configure
> NIS for the internal network, but ypinit is grabbing the
> FQDN.  I've read the Handbook and ypinit manual page
> without too much enlightenment. :(
>
> What I'm after is
>
> 192.168.0.10       NIS master server
> 192.168.0.11       NIS slave server
> 192.168.0.[12-15]  NIS clients
>
> Anyone have a pointer to a method to achieve my goals?

I would _strongly_ suggest that you run your firewall from another
machine instead of using your NIS master for this. This really is
Security 101 :) Check out OpenBSD with pf for this purpose or use a
Cisco PIX (you can find several on eBay).

But if you don't want to or can't do this, why don't you set up a jail
for your NIS master? You can bind the jail to the RFC 1918 IP address
range. Therefore, starting up ypbind inside the jail would only see the
192.168.0/24 network and bind to it.

See jail(8), jls(8) and jexec(8). You might also want to check
mount_nullfs(8) to help you with the jail's ports tree.

If you need help with the jail setup, feel free to email me off the list.

David
-- 
David Robillard
UNIX systems administrator
CISSP
Sun Certified Security Administrator
Sun Certified Systems Administrator
Montreal: +1 514 966 0122
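
A check for the outcome the reply describes (NIS daemons reachable only on 192.168.0/24), as an added example that is not part of the original message. It parses `sockstat -4l` text; the daemon list (rpcbind, ypserv, ypbind), the function names and both sample listings are assumptions constructed for illustration, with the jail sample assuming sockets show the jail's own address.

```sh
#!/bin/sh
# Added example (not from the original post): flag NIS-related listeners
# that are not bound to the internal network.
# Assumptions: internal network is 192.168.0.0/24 (from the post); input is
# `sockstat -4l` text; daemons of interest are rpcbind, ypserv and ypbind.
INTERNAL_PREFIX="192.168.0."

# Reads sockstat -4l output on stdin, prints one EXPOSED line per offending
# socket, and returns 1 if any was found (0 otherwise).
check_nis_listeners() {
    awk -v prefix="$INTERNAL_PREFIX" '
        $2 ~ /^(rpcbind|ypserv|ypbind)$/ {
            addr = $6                        # LOCAL ADDRESS column, e.g. *:111
            sub(/:[^:]*$/, "", addr)         # strip the :port suffix
            if (index(addr, prefix) != 1) {  # wildcard or non-internal address
                printf "EXPOSED %s %s %s\n", $2, $5, $6
                bad = 1
            }
        }
        END { exit (bad + 0) }
    '
}

# Constructed sample: daemons started directly on the dual-homed host.
sample_host() {
    cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     rpcbind    640   9  udp4   *:111                 *:*
root     rpcbind    640   10 tcp4   *:111                 *:*
root     ypserv     812   5  udp4   *:834                 *:*
root     sshd       701   4  tcp4   *:22                  *:*
EOF
}

# Constructed sample: the same daemons in a jail bound to 192.168.0.10.
sample_jail() {
    cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     rpcbind    1640  9  udp4   192.168.0.10:111      *:*
root     rpcbind    1640  10 tcp4   192.168.0.10:111      *:*
root     ypserv     1812  5  udp4   192.168.0.10:834      *:*
EOF
}

# Demo on the constructed samples. On a real server:
#   sockstat -4l | check_nis_listeners
echo "host:"; sample_host | check_nis_listeners || true
echo "jail:"; sample_jail | check_nis_listeners && echo "ok: internal only"
```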