Adding Firewall Rules for Users and Groups with the Rule Wizard
To add firewall rules to filter activity by users and groups via the Rule Wizard, press the F6 key from the Plan User Security screen (STRFW > 3 > 41/42).
The Add User Security screen appears:
| Add User Security Type choices, press Enter. User . . . . . . . . . . Name, User Group, *PUBLIC, F4 for list F3=Exit F4=Prompt F12=Cancel |
Type the name of the user or group for which you are creating the rule and press Enter. You can select from a list of existing users or groups by pressing the F4 key.
The Plan User Security screen appears, with an empty record for the new user:
| Plan User Security Type choices, press Enter. Subset . . . PLONY 2=Set by use 4=Delete 5=DSPFWLOG 6=Crt rule 7=Statistics G=Groups U=Users Specific rule exists F F F F R R S D O R F O C C C N N M T No specific rule I T T T E R M Q B B M I R S S S P P S C Current: Y, V=By verb L P P P X E T L O J T L D V L L D C C R R G P Revised: Y, N T L S C L X S E S P N I S S T P I I D R N L E S S S User Group/ F O R L O E Q N Q E D N R R A R C C D D V N N P R G Opt User R G V N G C L T L N B F V V Q T M M M A M M T L V N PLONY Current Done Revised Bottom F3=Exit F6=Add New F8=Print F12=Cancel F17=Set by use globally |
The screen includes a list of servers, displayed vertically, along with a Revised flied for each, in which you can enter new rule values for that user using that server.
The servers include:
- FILTFR: Original File Transfer Function
- FTPLOG: FTP Server Logon
- FTPSRV: FTP Server-Incoming Request Validation
- FTPCLN: FTP Client-Outgoing Request Validation
- REXLOG: REXEC Server Logon
- REXEC: REXEC Server Request Validation
- RMTSQL: Original Remote SQL Server
- SQLENT: Database Server - entry
- SQL: Database Server - SQL access & Showcase
- DBOPEN: Open Database
- NDB: Database Server - data base access
- OBJINF: Database Server - object information
- RMTSRV: Remote Command/Program Call
- FILSRV: File Server
- DTAQ: Data Queue Server
- VPRT: Original Virtual Print Server
- ORLICM: Original License Management Server
- CSLICM: Central Server - license management
- DDM: DDM request access
- DRDA: DRDA Distributed Relational DB access
- CSCNVM: Central Server - conversion map
- CSCLNM: Central Server - client management
- NPRENT: Network Print Server - entry
- NPRSPL: Network Print Server - spool file
- MSGSRV: Original Message Server
- TCPSGN: TCP Signon Server
To accept requests from that user on that server, enter Y in the Revised field for that user on that server.
To reject requests from that user on that server, enter N in the Revised field for that user on that server.
If you do not make an entry for a server, the user or group inherits the rule from the next group up, up through *ALL.