Adding Firewall Rules for Incoming Activity by IP Address with the Rule Wizard
To add firewall rules to filter incoming activity via the Rule Wizard, press the F6 key from the Plan Incoming IP Security screen, shown in Analyzing Recent Data on Incoming Activity by IP Address with the Rule Wizard (STRFW > 2 > 42).
The Add Firewall Incoming IP Address screen appears:
| Add Firewall Incoming IP Address Type choices, press Enter. IP Address . . . . . . Y=Yes, N=No, S=SSL only, A=Skip checks, B=SSL+Skip checks, L=Skip checks+Log, M=SSL+Skip checks+Log FTP⁄REXEC . . . . . . . RMT Server . . . . . . Telnet . . . . . . . . DDM⁄DRDA . . . . . . . DB Server . . . . . . . File Server . . . . . TCP Signon . . . . . . F3=Exit F12=Cancel |
Enter the IP address to which the new rule will apply in the IP Address field.
The screen contains fields for codes that control how Firewall reacts to requests to access servers. The server types are:
- FTP/REXEC including FTPLOG and TEXLOG
- Telnet
- DB Server including SQLENT, SQL, NDB, OBJINF, and DBOPEN
- TCP Sign-in
- Remote Server
- DDM and DRDA
- File Server
For each server type, enter a letter corresponding to how Firewall is to react to requests to access it. The letters are:
- Y: Accepted
- N: Rejected
- S: Only accepted over SSL connections
- A: Accepted, without checking whether SQL statements are valid
- B: Only accepted over SSL connections, without checking whether SQL statements are valid
- L: Accepted, without either checking whether SQL statements are valid or logging the activity
- M: Only accepted over SSL connections, without either checking whether SQL statements are valid or logging the activity.
If you do not enter a letter for a server, requests to access it are handled according to the next highest generic rule that applies to it, up through the rule (if any) for *ALL.