Displaying Definitions and Changing Occurrences of Users and Addresses
To display definitions and to change rules for users, groups, and addresses, select 42. Reporting of Definitions from the Firewall main menu.
The Definitions screen appears:
| GSDFNMNU Definitions Firewall System: S520 Select one of the following: Query Wizard (Definitions) Manage All Occurrences 1. Work with Queries 51. Find All Occurrences of User 52. Replace⁄Remove User 54. Replace⁄Remove IP Current Definitions 56. Replace⁄Remove IPv6 11. Display 12. Print Miscellaneous 13. Select from Menu 61. Change Firewall User Group Selection or command ===> F3=Exit F4=Prompt F9=Retrieve F12=Cancel F13=Information Assistant F16=AS⁄400 main menu |
To view and modify query definitions,
select 1. Work with Queries. The Work with Queries screen appears, as shown in Creating and Running Queries.
To display query definitions,
select 11. Display. The Display Security I Definitions (DSPS1DFN) screen appears, as shown in Running Predefined Reports
To print query definitions,
select 12. Print. The Display Security I Definitions (DSPS1DFN) screen appears, as shown in Running Predefined Reports, with the Output field, when it appears, set to *PRINT.
To select definitions to display or print from a menu,
select 13. Select from Menu. The Definition Reporting - By Subject screen appears, as shown in Running Predefined Reports.
To print a report of all rules that affect and groups that include a user,
select 51. Print All Occurrences of User. The Replace FW user (RPLFWUSR) screen appears, with the Replace to user field set to *PRINT. Enter the name of the user or group in the Replace from user field. The report is sent to a spool file.
To remove rules that affect a user or group, or to replace one user or group affected by rules with another,
select 52. Replace/Remove User. The Replace FW user (RPLFWUSR) screen appears. Enter the name of the user or group to be replaced or removed in the Replace to user field.
To remove rules that affect a user or group, enter *REMOVE in the Replace to user field.
NOTE: Whenever you remove a user from your system, use this screen to remove the rules for that user.
To replace one user or group affected by rules with another, enter the name of the replacement in the Replace from user field.
To remove rules that affect an IP address range , replace one IP address range affected by rules with another, or print a report of rules affecting that range,
select 54. Replace/Remove IP. The Replace FW IP (RPLFWIP) screen appears. Enter the IP address in the From IP field and the subnet mask (or *ANY) in the From SubNet Mask field.
To remove rules that affect an IP address range, enter *REMOVE in the To IP, *REMOVE, *PRINT field.
To replace one IP address range affected by rules with another, enter the IP address in the To IP, *REMOVE, *PRINT field and the subnet mask (or *SAME) in the To SubNet Mask field.
To print rules that affect an IP address, enter *PRINT in the To IP, *REMOVE, *PRINT field.
To remove rules that affect an IPv6 address range , replace one IPv6 address range affected by rules with another,
select 56. Replace/Remove IPv6. The Replace FW IPv6 (RPLFWIPV6) screen appears. Enter the IPv6 address in the From IPv6 field and the prefix length (or *ANY) in the From Prefix Length field.
To remove rules that affect an IPv6 address range, enter *REMOVE in the To IPv6, *REMOVE field.
To replace one IPv6 address range affected by rules with another, enter the IPv6 address in the To IPv6, *REMOVE field and the prefix length (or *SAME) in the To Prefix Length field.
To add a member to a Firewall group, replace a member in it, or remove a member from it,
select 61. Change Firewall User Group. The Change Firewall User Group (CHGFWGRP) screen appears as shown in Adding, Replacing, or Removing Members of Firewall Groups.