Adding Firewall Rules for a Similar Incoming IP Address with the Rule Wizard

To add firewall rules for an incoming IP address similar to an existing one via the Rule Wizard, enter 9 in the Opt field for the original IP address from the Plan Incoming IP Security screen, shown in Analyzing Recent Data on Incoming Activity by IP Address with the Rule Wizard (STRFW > 2 > 42).

The Add Similar Incoming IP Address screen appears:

​                       ​ Add Similar Incoming IP Address​                         
                                                                                
​ Modify data in field New IP Address.                                          ​ 
​ Modify data in field New Revised authority (optionally).​                       
  ​ New IP Address  . . . . .​   ​ 1.1.1.139      ​                                 
                                                                                
  ​ New Revised authority:​                                                       
​ Y=Yes, N=No, S=SSL only, A=Skip checks, B=SSL+Skip checks, L=Skip checks+Log,​  
​ M=SSL+Skip checks+Log​                                                          
    ​ FTP/REXEC . . . . . . .​   ​ N​           ​ RMT Server . . . . . . ​   ​  ​       
                                                                                
​    ​ Telnet  . . . . . . . .​   ​  ​           ​ DDM/DRDA . . . . . . . ​   ​  ​       
                                                                                
    ​ DB Server . . . . . . .​   ​  ​           ​ File Server  . . . . . ​   ​ Y​       
                                                                                
    ​ TCP Signon  . . . . . .​   ​  ​                                               
                                                                                
​ F3=Exit   F12=Cancel                               ​                            
​                                                                                
                                                                                
​

The original IP address appears in the New IP Address field. Change it to the IP address to which the new rule will apply.

The screen contains fields for codes that control how Firewall reacts to requests to access servers. The fields have entries if the setting for that server type had been changed during the current session for the original IP address.

The server types are:

FTP/REXEC including FTPLOG and TEXLOG
Telnet
DB Server including SQLENT, SQL, NDB, OBJINF, and DBOPEN
TCP Sign-in
Remote Server
DDM and DRDA
File Server

For each server type, enter a letter or change the existing letter to one corresponding to how Firewall is to react to requests to access it. The letters are:

Y: Accepted
N: Rejected
S: Only accepted over SSL connections
A: Accepted, without checking whether SQL statements are valid
B: Only accepted over SSL connections, without checking whether SQL statements are valid
L: Accepted, without either checking whether SQL statements are valid or logging the activity
M: Only accepted over SSL connections, without either checking whether SQL statements are valid or logging the activity.

If you do not enter a letter for a server or remove an existing letter without replacing it, requests to access it are handled according to the next highest generic rule that applies to it, up through the rule (if any) for *ALL.