We received our Alpha 1000A with Digital UNIX 4.0B in late July. We go
live on Monday. I have been trying for the last few weeks to set up
security using ifconfig. I have searched though the archive--no luck.
Have a call into Dec and used every resource I have.
The /etc/ifaccess.conf is configured as follows:
tu0 137.90.#.0 255.255.255.0 permit # campus subnet
tu0 137.90.#.30 255.255.255.255 permit # specific IP number
tu0 0.0.0.0 0.0.0.0 deny # deny everyone else
Once activated by: ifconfig tu0 filter everyone but the console is
locked out-great security;).
The subnet mask across campus and the Alpha's mask is 255.255.255.0.
ifconfig -a provides the following information:
tu0: flags=c63<UP,BROADCAST,NOTRAILERS,RUNNING,MULTICAST,SIMPLEX>
inet 137.90.128.2 netmask ffffff00 broadcast 137.90.128.255 ipmtu
1500
sl0: flags=10<POINTOPOINT>
lo0: flags=c89<UP,LOOPBACK,NOARP,MULTICAST,SIMPLEX>
inet 127.0.0.1 netmask ff000000 ipmtu 1536
I've tried
a) Deleting every line and starting from scratch because there might be
control characters. That is why the above sample is short. If I can get
one segment working, I'll add the rest.
b) ftped a copy of the ifaccess.conf from a campus where it is working.
As soon as I changed the network interface (they use FDDI), IP number,
and activated it, it locked everyone out.
c) I tried manipulating the mask in ifaccess.conf, but it give errors
message when trying to activate.
What am I missing? Anyone have any ideas on what I can try next? TIA
------------------------------------------------------------------------
-------------
Cindy L. Belcher
Director of Computer Services
Western Wyoming Community College
Rock Springs, WY
http://www.wwcc.cc.wy.us
"Most people are in favor of progress; it's the changes they don't
like." Author Unknown
Received on Sat Sep 13 1997 - 21:01:00 NZST