Setting Firewall Rules Manually based on IFS Objects with the Rule Wizard

NOTE: You can only set Firewall rules manually with the rule wizard if you have set the Wizard type to *STD when opening the wizard.

To set rules manually based on the users or groups requesting the activity in the Rule Wizard, open the Plan IFS Security screen, as shown in Analyzing Recent Data on IFS Objects with the Rule Wizard (STRAUD > 5 > 42).

​                               ​  Plan IFS Security​   ​  Subset:​                         ​  Type choices, press Enter.​                 ​  File Sys⁄Root​                        ​   ​  1=Statistics​  ​  2=Allow by use​  ​  3=Display​   ​   Dir⁄Filename​                        ​   ​  4=Delete​      ​  5=DSPFWLOG​                       ​  Grp⁄User​   ​               ​  7=WRKLNK ​     ​  8=WRKAUT​        ​  9=Add similar​    ​  Higher level only (Y-Yes)​  ​   ​      ​  G=Groups​      ​  U=Users​                           ​  C>R=Current to Revised     ​     ​  Specify revised authority in the R column.​       ​  Y​  Allowed​      ​  Y=Allow ​         ​  Press Enter to apply revised authority.​          ​  N​  Rejected​     ​  N=Reject​                                                          ​  Y​  Allowed (from higher level) ​      ​  Rd ​  ​  Wrt​  ​  Rnm​  ​  Dlt​  ​  Mov​  File Sys⁄  ​          ​  N​  Rejected(from higher level) ​  ​  Opt​  C>R​  ​  C>R​  ​  C>R​  ​  C>R​  ​  C>R​  Root Dir   ​  Directory⁄File name  ​  Grp⁄User​  Entries ​   ​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  HOME       ​  N501232⁄BLABLAX#.TXT ​  232X      ​      4 ​   ​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  HOME       ​  N501232⁄NEW FOLDER   ​  232X      ​      6 ​   ​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  HOME       ​  N501232⁄TEST         ​  232X      ​      2 ​   ​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  HOME       ​  PTF⁄PC050003.DAT     ​  %GROUP1   ​      8 ​   ​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  HOME       ​  PTF⁄PC050003.TXT     ​  %GROUP1   ​      4 ​   ​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  HOME       ​  PTF⁄PJ090014.DAT     ​  %GROUP1   ​      2 ​   ​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  HOME       ​  PTF⁄PJ090016.DAT     ​  %GROUP1   ​     10 ​   ​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  HOME       ​  PTF⁄PJ090016.TXT     ​  %GROUP1   ​      4 ​   ​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  ​  N​   ​  HOME       ​  PTF⁄PO050016.DAT     ​  %GROUP1   ​     38 ​                                                                   ​       More...​   ​  F3=Exit   F6=Add New   F8=Print   F12=Cancel   F17=Allow by use globally​                                                                                                                                                                           ​

Enter new values in the second field of each column for which you want to change access in the rows for the appropriate rule. You can enter Y to accept requests or N to reject requests.

NOTE: While the Current line may show a V for servers for which access is determined by the verbs used, the setting can only be changed to that via the Modify Server Verb Authority screen, as shown in Modifying Firewall Settings for a User based on Server Verbs.

In this example, to accept requests to read the file N501232/BLABLAX#.TXT in the file system HOME by the user 232X, type Y in the second column in the top line under Rd.

When you have entered the letters for the changes in the appropriate columns, type 6 in the Opt field for the rule and press Enter.

The rule that you have changed disappears from the screen. You can see its changed value by checking the Work with IFS Security screen, as shown in Setting Firewall Rules for IFS Objects.