SECURENETS(5) Standards, Environments, and Macros SECURENETS(5)


securenets - configuration file for NIS security




The /var/yp/securenets file defines the networks or hosts which are
allowed access to information by the Network Information Service ("NIS").

The format of the file is as follows:

o Lines beginning with the ``#'' character are treated as

o Otherwise, each line contains two fields separated by white
space. The first field is a netmask, the second a network.

o The netmask field may be either (IPv4),
ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff (IPv6) , or the string
``host'' indicating that the second field is a specific host
to be allowed access.

Both ypserv(8) and ypxfrd(8) use the /var/yp/securenets file. The file
is read when the ypserv(8) and ypxfrd(8) daemons begin. If
/var/yp/securenets is present, ypserv(8) and ypxfrd(8) respond only to IP
addresses in the range given. In order for a change in the
/var/yp/securenets file to take effect, you must kill and restart any
active daemons using ypstop(8) and ypstart(8).

An important thing to note for all the examples below is that the server
must be allowed to access itself. You accomplish this either by the
server being part of a subnet that is allowed to access the server, or by
adding an individual entry, as the following:



Example 1: Access for Individual Entries

If individual machines are to be give access, the entry could be:



Example 2: Access for a Class C Network

If access is to be given to an entire class C network, the entry could

Example 3: Access for a Class B Network

The entry for access to a class B network could be:

Example 4: Access for an Individual IPv6 Address

Similarly, to allow access for an individual IPv6 address:

ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff fec0::111:abba:ace0:fba5e:1


host fec0::111:abba:ace0:fba5e:1

Example 5: Access for all IPv6 Addresses Starting with fe80

To allow access for all IPv6 addresses starting with fe80:

ffff:: fe80::


Configuration file for NIS security.


ypserv(8), ypstart(8), ypstop(8), ypxfrd(8)


The Network Information Service (NIS) was formerly known as Sun Yellow
Pages (YP). The functionality of the two remains the same; only the name
has changed. The name Yellow Pages is a registered trademark in the
United Kingdom of British Telecommunications plc, and may not be used
without permission.

May 16, 2020 SECURENETS(5)