Use the z/OS UNIX pasearch command to query information from the z/OS UNIX Policy Agent. The command is issued from the UNIX System Services shell.
Restriction: The pasearch command requires access to the PAPI DLL at run time. Ensure that the LIBPATH environment variable is specified and points to the /usr/lib directory. For example, specify: export LIBPATH=/usr/lib
Result: If any of the information that is requested by the pasearch command is not currently available, the pasearch command displays <not available>. For example, when the pasearch command is issued on a policy client, some information might need to be obtained from the policy server. Reissue the pasearch command later to see the complete information.
.----------------. V | >>-pasearch----+------------+-+-------------------------------->< '-| Option |-' Option .- -A -e-----------------. |--+------------------------+-----------------------------------| +- -A--------------------+ +- -a--------------------+ +- -C--------------------+ +- -c--------------------+ +- -d--------------------+ +- -e--------------------+ +- -f --PolicyFilterName-+ +- -g--------------------+ +- -I--------------------+ +- -i--------------------+ +- -n--------------------+ +- -o--------------------+ +- -p --image------------+ +- -q--------------------+ +- -R--------------------+ +- -r--------------------+ +- -s --PolicyScopeName--+ +- -T--------------------+ +- -t--------------------+ +- -v--+-a-+-------------+ | +-f-+ | | +-k-+ | | '-l-' | +- -w--------------------+ '- -?--------------------'
Result: If the -p option is not used, then only the policies that are configured with the TcpImage or PEPInstance statement are returned.
========================================================================
================== pasearch -c =========================================
========================================================================
TCP/IP pasearch CS V2R1 Image Name: TCPCS1
Date: 09/18/2011 Time: 13:30:32
PAPI Version: 9 DLL Version: 9
Qos Policy Object:
ConfigLocation: Local LDAPServer: True
ImageFileName: /u/user10/pagallcimagea.conf
ApplyFlush: True PolicyFlush: True
ApplyPurge: True PurgePolicies: True
AtomicParse: False DeleteOnNoflush: False
DummyOnEmptyPolicy: False ModifyOnIDChange: True
Configured: True UpdateInterval: 120
PerfColEnabled: False
InstanceId: 1253294875
LastPolicyChanged: Fri Sep 18 13:27:55 2011
Ids Policy Object:
ConfigLocation: Local LDAPServer: True
CommonFileName:
ImageFileName: /usr/lpp/tcpip/samples/pagent_IDS.conf
ApplyFlush: True PolicyFlush: True
ApplyPurge: True PurgePolicies: True
AtomicParse: False DeleteOnNoflush: False
DummyOnEmptyPolicy: False ModifyOnIDChange: False
Configured: True UpdateInterval: 120
InstanceId: 1253294875
LastPolicyChanged: Fri Sep 18 13:27:55 2011
IPSec Policy Object:
ConfigLocation: Remote LDAPServer: False
ClientName: VIC136_TCPCS1
ClientUserid: USER1
PolicyServerAddr 9.42.104.23
PolicyServerPort: 8211 PolicyServSysname: VIC137
ClientSSLActive: True
ConnectTime: Fri Sep 18 13:29:51 2011
ApplyFlush: False
ApplyPurge: False
AtomicParse: True DeleteOnNoflush: True
DummyOnEmptyPolicy: True ModifyOnIDChange: False
IpSecEnabled IPv4: True IpSecEnabled IPv6: False
IpSec3DESEnabled: True IpSecAESEnabled: True
IpSecAESGCM16Enabled: True
UpdateInterval: 300
InstanceId: 1253294993
LastPolicyChanged: Fri Sep 18 13:29:53 2011
IpFilter Policy Object:
Configured: True PreDecapOn: Off
FilterLogging: On FilterLogImplicit: No
AllowOnDemand: No ImplDiscardAction: Silent
FIPS140: No
KeyExchange Policy Object:
Configured: True
AllowNat: No NatKeepAliveIntvl: 20
HowToInitiate: Main LivenessInterval: 30
BypassIpValidation: No CertURLLookupPref: Tolerate
RevocationChecking: Loose
LocalDynVpn Policy Object:
Configured: True
Policy updated: Fri Sep 18 13:29:53 2011
Routing Policy Object:
ConfigLocation: Local LDAPServer: False
CommonFileName:
ImageFileName: /usr/lpp/tcpip/samples/pagent_Routing.conf
ApplyFlush: True PolicyFlush: True
ApplyPurge: True PurgePolicies: False
AtomicParse: True DeleteOnNoflush: False
DummyOnEmptyPolicy: True ModifyOnIDChange: False
Configured: True UpdateInterval: 120
InstanceId: 1253294871
LastPolicyChanged: Fri Sep 18 13:27:51 2011
TTLS Policy Object:
ConfigLocation: Remote LDAPServer: False
ClientName: VIC136_TCPCS1
ClientUserid: USER1
PolicyServerAddr 9.42.104.23
PolicyServerPort: 8211 PolicyServSysname: VIC137
ClientSSLActive: True
ConnectTime: Fri Sep 18 13:29:51 2011
ApplyFlush: True PolicyFlush: True
ApplyPurge: True PurgePolicies: True
AtomicParse: True DeleteOnNoflush: False
DummyOnEmptyPolicy: True ModifyOnIDChange: False
Configured: True UpdateInterval: 300
TTLS Enabled: False
InstanceId: 1253294993
LastPolicyChanged: Fri Sep 18 13:29:53 2011
========================================================================
================== pasearch -q -p TCPCS1 ===============================
========================================================================
TCP/IP pasearch CS V2R1 Image Name: TCPCS1
Date: 09/18/2011 Time: 13:30:32
QoS Instance Id: 1253294875
policyRule: web-catalog-rule
Rule Type: QoS
Version: 3 Status: Active
Distinguish Name: cn=web-catalog-rule,cn=QoS,cn=advanced,ou=policy,o=IBM,c=US
Group Distinguish Nm: cn=main,cn=QoS,cn=advanced,ou=policy,o=IBM,c=US
Weight: 110 ForLoadDist: False
Priority: 10 Sequence Actions: Don't Care
No. Policy Action: 1 ConditionListType: DNF
policyAction: interactive1-action
ActionType: QOS
Action Sequence: 1
Time Periods:
Day of Month Mask:
First to Last: 1111111111111111111111111111111
Last to First: 1111111111111111111111111111111
Month of Yr Mask: 111111111111
Day of Week Mask: 1111111 (Sunday - Saturday)
Start Date Time: None
End Date Time: None
Fr TimeOfDay: 00:00 To TimeOfDay: 24:00
Fr TimeOfDay UTC: 04:00 To TimeOfDay UTC: 04:00
TimeZone: Local
Net Condition Summary: NegativeIndicator: Off
RouteCondition:
InInterface: All
OutInterface: All
IncomingTOS: 00000000 IncomingTOSMask: 0
HostCondition:
SourceIpFrom: All
SourceIpTo: All
DestIpFrom: All
DestIpTo: All
DestHostDomainName:
ApplicationCondition:
ProtocolNumFrom: 6 ProtocolNumTo: 6
SourcePortFrom: 80 SourcePortTo: 80
DestPortFrom: 0 DestPortTo: 0
ApplicationName: ApplPriority: 0
ApplicationData: /catalog
Policy created: Fri Sep 18 13:27:55 2011
Policy updated: Fri Sep 18 13:27:55 2011
Qos Action: interactive1-action
Version: 3 Status: Active
Distinguish Name: cn=interactive1,cn=QoSact,cn=repository,o=IBM,c=US
Scope: DataTraffic OutgoingTOS: 10000000
Permission: Allowed
MaxRate: 0 MinRate: 0
MaxConn: 0
Routing Interfaces: 0
RSVP Attributes:
ServiceType: 0 MaxRatePerFlow: 0
MaxTokBuckPerFlw: 0 MaxFlows: 0
SignalClient: True
DiffServ Attributes:
InProfRate: 0 InProfPeakRate: 0
InProfTokBuck: 0 InProfMaxPackSz: 0
OutProfXmtTOSByte: 00000000 ExcessTrafficTr: BestEffort
Policy created: Fri Sep 18 13:27:55 2011
Policy updated: Fri Sep 18 13:27:55 2011
========================================================================
================== pasearch -v k =======================================
========================================================================
TCP/IP pasearch CS V2R1 Image Name: TCPCS1
Date: 09/18/2011 Time: 13:30:32
IPSec Instance Id: 1253294993
policyRule: Admin_KeyExRule1
Rule Type: KeyExchange
Version: 3 Status: Active
Weight: 105 ForLoadDist: False
Priority: 5 Sequence Actions: Don't Care
No. Policy Action: 1
IpSecType: policyKeyExchange
policyAction: Bronze-PSK
ActionType: KeyExchange
Action Sequence: 0
Time Periods:
Day of Month Mask: 0000000000000000000000000000000
Month of Yr Mask: 000000000000
Day of Week Mask: 0000000 (Sunday - Saturday)
Start Date Time: None
End Date Time: None
Fr TimeOfDay: 00:00 To TimeOfDay: 00:00
Fr TimeOfDay UTC: 00:00 To TimeOfDay UTC: 00:00
TimeZone: Local
IpSec Condition Summary: NegativeIndicator: Off
KeyExchange Condition:
LocalSecurityEndPoint:
Location:
FromAddr: All4
ToAddr: All4
Identity:
UserAtFqdn:
admin@secureserver.raleigh.ibm.com
RemoteSecurityEndPoint:
Location:
FromAddr: 9.1.1.2
ToAddr: 9.1.1.2
Identity:
IpAddr:
FromAddr: 9.1.1.2
ToAddr: 9.1.1.2
Policy created: Fri Sep 18 13:29:53 2011
Policy updated: Fri Sep 18 13:29:53 2011
KeyExchange Action: Bronze-PSK
Version: 3 Status: Active
HowToInitiate: Aggressive HowToRespondIKEv1: Aggressive
AllowNat: No FilterByIdentity: No
HowToAuthMe: RsaSignature ReauthInterval: 0
BypassIpValidation: No CertURLLookupPref: Tolerate
KeyExchangeOffer: 0
HowToEncrypt: DES KeyLength: N/A
HowToAuthPeers: PresharedKey DHGroup: Group1
HowToAuthMsgs: SHA1
HowToVerifyMsgs: HMAC_SHA1_96 PseudoRandomFunc: HMAC_SHA1
RefLifeTmPropose: 480
RefLifeTmAcptMin: 240 RefLifeTmAcptMax: 1440
RefLifeSzPropose: None
RefLifeSzAccept : None
Policy created: Fri Sep 18 13:29:53 2011
Policy updated: Fri Sep 18 13:29:53 2011
========================================================================
================== pasearch -v l =======================================
========================================================================
TCP/IP pasearch CS V2R1 Image Name: TCPCS1
Date: 09/18/2011 Time: 13:30:32
IPSec Instance Id: 1253294993
policyRule: ZoneC_VPN-EE1
Rule Type: LocalDynVpn
Version: 3 Status: Active
GroupName: ZoneC_BranchOfficeVPNs
Weight: 108 ForLoadDist: False
Priority: 8 Sequence Actions: Don't Care
No. Policy Action: 0
IpSecType: policyDynamicVpn
Time Periods:
Day of Month Mask: 0000000000000000000000000000000
Month of Yr Mask: 000000000000
Day of Week Mask: 0000000 (Sunday - Saturday)
Start Date Time: None
End Date Time: None
Fr TimeOfDay: 00:00 To TimeOfDay: 00:00
Fr TimeOfDay UTC: 00:00 To TimeOfDay UTC: 00:00
TimeZone: Local
IpSec Condition Summary: NegativeIndicator: Off
LocalDynVpn Condition:
LocalIp:
FromAddr: 9.3.3.3
ToAddr: 9.3.3.3
RemoteIp:
FromAddr: 9.5.0.0
Prefix: 16
LocalDataPort: 12000 RemoteDataPort: 12000
AutoActivate: Yes
Protocol: UDP (17)
Policy created: Fri Sep 18 13:29:53 2011
Policy updated: Fri Sep 18 13:29:53 2011
========================================================================
================== pasearch -v a -n ====================================
========================================================================
TCP/IP pasearch CS V2R1 Image Name: TCPCS1
Date: 09/18/2011 Time: 13:30:32
IPSec Instance Id: 1253294993
policyRule: Rule1Admin
IpFilter Action: permit
policyRule: Rule2Admin
IpFilter Action: ipsec
IpFilter Action: Silver-TransportMode
policyRule: Rule1A
IpFilter Action: permit
policyRule: Rule2A
IpFilter Action: ipsec
IpFilter Action: Bronze-TransportMode
policyRule: Rule1B
IpFilter Action: permit
policyRule: Rule2B
IpFilter Action: ipsec
IpFilter Action: Gold-TransportMode
policyRule: Rule1C
IpFilter Action: permit
policyRule: Rule2C
IpFilter Action: ipsec
IpFilter Action: Gold-TunnelMode
IpFilter Action: StartZoneC
policyRule: Rule1DtoC
IpFilter Action: permit
policyRule: Rule2DtoC
IpFilter Action: ipsec
IpFilter Action: Gold-TunnelMode
IpFilter Action: StartZoneDtoZoneC
policyRule: Rule1N
IpFilter Action: permit
policyRule: Rule2N
IpFilter Action: ipsec
IpFilter Action: Gold-TransportMode
policyRule: Rule1All-IPv4-Permit
IpFilter Action: permit
policyRule: Rule2All-IPv4-Deny
IpFilter Action: deny-log
policyRule: Rule1All-IPv6-Permit
IpFilter Action: permit
policyRule: Rule2All-IPv6-Deny
IpFilter Action: deny-log
policyRule: DenyAllRule_Generated___________Inbnd
policyRule: DenyAllRule_Generated___________Outbnd
policyRule: Admin_KeyExRule1
KeyExchange Action: Bronze-PSK
policyRule: ZoneA_KeyExRule1
KeyExchange Action: Silver-RSA
policyRule: ZoneB_KeyExRule1
KeyExchange Action: Gold-RSA
policyRule: ZoneC_KeyExRule1
KeyExchange Action: Gold-RSA
policyRule: ZoneN_KeyExRule1
KeyExchange Action: Gold-RSA-AllowNat
policyRule: ZoneC_VPN-EE1
policyRule: ZoneC_VPN-EE2
policyRule: ZoneC_VPN-EE3
policyRule: ZoneC_VPN-EE4
policyRule: ZoneC_VPN-EE5
policyRule: ZoneC_VPN-FTP-Data
policyRule: ZoneC_VPN-FTP-Control
policyRule: ZoneC_VPN-CICS-3000
========================================================================
================== pasearch -s DynamicVpn -v f =========================
========================================================================
TCP/IP pasearch CS V2R1 Image Name: TCPCS1
Date: 09/18/2011 Time: 13:30:32
IPSec Instance Id: 1253294993
policyRule: Rule2Admin
Rule Type: IpFilter
Version: 3 Status: Active
GroupName: Admin
Weight: 119 ForLoadDist: False
Priority: 19 Sequence Actions: Don't Care
No. Policy Action: 2 ConditionListType: CNF
IpSecType: policyIpFilter
policyAction: ipsec
ActionType: IpFilter GenericFilter
Action Sequence: 0
policyAction: Silver-TransportMode
ActionType: IpFilter DynamicVpn
Action Sequence: 0
Time Periods:
Day of Month Mask:
First to Last: 1111111111111111111111111111111
Last to First: 1111111111111111111111111111111
Month of Yr Mask: 111111111111
Day of Week Mask: 1111111 (Sunday - Saturday)
Start Date Time: None
End Date Time: None
Fr TimeOfDay: 00:00 To TimeOfDay: 24:00
Fr TimeOfDay UTC: 04:00 To TimeOfDay UTC: 04:00
TimeZone: Local
IpSec Condition Summary: NegativeIndicator: Off
IpFilter Condition:
Source Address:
Destination Address:
Service Condition:
Protocol: 0
Direction: 0
RouteType: 0 SecurityClass: 0
FragmentsOnly: No
Condition Work Level: 0
Group Number: 0 Cond Count: 2
Ignore: No
IpSec Condition Work Summary: NegativeIndicator: Off
IpFilter Condition:
Source Address:
Destination Address:
Service Condition:
Protocol: 0
Direction: 0
RouteType: 0 SecurityClass: 0
FragmentsOnly: No
IpSec Condition Work: NegativeIndicator: Off
IpFilter Condition:
Source Address:
FromAddr: 9.1.1.1
ToAddr: 9.1.1.1
Destination Address:
Service Condition:
Protocol: 0
Direction: 0
RouteType: 0 SecurityClass: 0
FragmentsOnly: No
Condition Work Level: 1
Group Number: 1 Cond Count: 2
Ignore: No
IpSec Condition Work Summary: NegativeIndicator: Off
IpFilter Condition:
Source Address:
Destination Address:
Service Condition:
Protocol: 0
Direction: 0
RouteType: 0 SecurityClass: 0
FragmentsOnly: No
IpSec Condition Work: NegativeIndicator: Off
IpFilter Condition:
Source Address:
Destination Address:
FromAddr: 9.1.1.2
ToAddr: 9.1.1.2
Service Condition:
Protocol: 0
Direction: 0
RouteType: 0 SecurityClass: 0
FragmentsOnly: No
Condition Work Level: 2
Group Number: 3 Cond Count: 2
Ignore: No
IpSec Condition Work Summary: NegativeIndicator: Off
IpFilter Condition:
Source Address:
Destination Address:
Service Condition:
Protocol: 0
Direction: 0
RouteType: 0 SecurityClass: 0
FragmentsOnly: No
IpSec Condition Work: NegativeIndicator: Off
IpFilter Condition:
Source Address:
Destination Address:
Service Condition:
Protocol: All
Direction: Bidirectional
RouteType: Local SecurityClass: 0
FragmentsOnly: No
Policy created: Fri Sep 18 13:29:53 2011
Policy updated: Fri Sep 18 13:29:53 2011
IpFilter Action: ipsec
Version: 3 Status: Active
Scope: GenericFilter
ipFilterAction: IPSec IpFilterLogging: Yes Logdeny
DiscardAction: Silent
Policy created: Fri Sep 18 13:29:53 2011
Policy updated: Fri Sep 18 13:29:53 2011
IpFilter Action: Silver-TransportMode
Version: 3 Status: Active
Scope: DynamicVpn
Initiation: Either VpnLife: 1440
AcceptablePfs: None
InitiateWithPfs: None IpDataOfferNum: 1
PassthroughDSCP: Yes PassthroughDF: Yes
HowToEncapIKEv2: Either
IPDataOffer: 0
HowToEncap: Transport
HowToEncrypt: DES KeyLength: N/A
HowToAuth: ESP HowToAuthAlgr: HMAC_SHA1
RefLifeTmPropose: 240
RefLifeTmAcptMin: 120 RefLifeTmAcptMax: 480
RefLifeSzPropose: None
RefLifeSzAccept : None
Policy created: Fri Sep 18 13:29:53 2011
Policy updated: Fri Sep 18 13:29:53 2011
========================================================================
================== pasearch -i -w -f AttackMalformed ===================
========================================================================
TCP/IP pasearch CS V2R1 Image Name: TCPCS2
Date: 09/28/2011 Time: 12:01:32
IDS Instance Id: 1285689675
policyRule: AttackMalformed-rule
Rule Type: IDS
Version: 4 Status: Active
Weight: 102 ForLoadDist: False
Priority: 2 Sequence Actions: Don't Care
No. Policy Action: 1
IdsType: policyIdsAttack
policyAction: Attack-action
ActionType: IDS
Action Sequence: 0
Time Periods:
Day of Month Mask:
First to Last: 1111111111111111111111111111111
Last to First: 1111111111111111111111111111111
Month of Yr Mask: 111111111111
Day of Week Mask: 1111111 (Sunday - Saturday)
Start Date Time: None
End Date Time: None
Fr TimeOfDay: 00:00 To TimeOfDay: 24:00
Fr TimeOfDay UTC: 04:00 To TimeOfDay UTC: 04:00
TimeZone: Local
Ids Condition Summary: NegativeIndicator: Off
Attack Condition:
IdsAttackType: MALFORMED_PACKET
Policy created: Tue Sep 28 12:01:15 2011
Policy updated: Tue Sep 28 12:01:15 2011
Ids Action: Attack-action
Version: 4 Status: Active
Attack ActionType: NoDiscard
TypeActions: Statistics Log
StatType: Exception StatInterval: 60
LogDetail: No LoggingLevel: 1
Policy created: Tue Sep 28 12:01:15 2011
Policy updated: Tue Sep 28 12:01:15 2011
========================================================================
================== pasearch -i ========================================
========================================================================
TCP/IP pasearch CS V2R1 Image Name: TCPCS2
Date: 09/28/2011 Time: 12:01:55
IDS Instance Id: 1285689675
policyRule: ScanEventLowTcp-rule
Rule Type: IDS
Version: 4 Status: Active
Weight: 102 ForLoadDist: False
Priority: 2 Sequence Actions: Don't Care
No. Policy Action: 1
IdsType: policyIdsScanEvent
policyAction: ScanEventLow-action
ActionType: IDS
Action Sequence: 0
Time Periods:
Day of Month Mask:
First to Last: 1111111111111111111111111111111
Last to First: 1111111111111111111111111111111
Month of Yr Mask: 111111111111
Day of Week Mask: 1111111 (Sunday - Saturday)
Start Date Time: None
End Date Time: None
Fr TimeOfDay: 00:00 To TimeOfDay: 24:00
Fr TimeOfDay UTC: 04:00 To TimeOfDay UTC: 04:00
TimeZone: Local
Ids Condition Summary: NegativeIndicator: Off
ScanEvent Condition:
Sensitivity: Low
Protocol: TCP (6)
LocalPortFrom: 1 LocalPortTo: 1023
LocalHostAddress:
FromAddr: All
ToAddr: All
Policy created: Tue Sep 28 12:01:15 2011
Policy updated: Tue Sep 28 12:01:15 2011
Ids Action: ScanEventLow-action
Version: 4 Status: Active
ScanEvent ActionType: Count
Policy created: Tue Sep 28 12:01:15 2011
Policy updated: Tue Sep 28 12:01:15 2011
========================================================================
================== pasearch -t ========================================
========================================================================
policyRule: Secure_Telnet_23_Debug
Rule Type: TTLS
Version: 3 Status: Active
Weight: 20 ForLoadDist: False
Priority: 20 Sequence Actions: Don't Care
No. Policy Action: 3
policyAction: grp_Production
ActionType: TTLS Group
Action Sequence: 0
policyAction: Secure_Telnet_Env
ActionType: TTLS Environment
Action Sequence: 0
policyAction: Secure_Telnet_Conn_Debug
ActionType: TTLS Connection
Action Sequence: 0
Time Periods:
Day of Month Mask:
First to Last: 1111111111111111111111111111111
Last to First: 1111111111111111111111111111111
Month of Yr Mask: 111111111111
Day of Week Mask: 1111111 (Sunday - Saturday)
Start Date Time: None
End Date Time: None
Fr TimeOfDay: 00:00 To TimeOfDay: 24:00
Fr TimeOfDay UTC: 04:00 To TimeOfDay UTC: 04:00
TimeZone: Local
TTLS Condition Summary: NegativeIndicator: Off
Local Address:
FromAddr: 10.1.2.3
ToAddr: 10.1.2.3
Remote Address:
FromAddr: 10.45.23.10
ToAddr: 10.45.23.10
LocalPortFrom: 23 LocalPortTo: 23
RemotePortFrom: 0 RemotePortTo: 0
JobName: UserId:
ServiceDirection: Inbound
Policy created: Wed Mar 9 06:31:13 2011
Policy updated: Wed Mar 9 06:31:13 2011
TTLS Action: grp_Production
Version: 3
Status: Active
Scope: Group
TTLSEnabled: On
CtraceClearText: Off
Trace: 2
FIPS140: Off
TTLSGroupAdvancedParms:
SecondaryMap: Off
SyslogFacility: Daemon
Policy created: Wed Mar 9 06:31:13 2011
Policy updated: Wed Mar 9 06:31:13 2011
TTLS Action: Secure_Telnet_Env
Version: 3
Status: Active
Scope: Environment
HandshakeRole: Server
SuiteBProfile: Off
TTLSKeyringParms:
Keyring: TCPCSsafkeyring
TTLSEnvironmentAdvancedParms:
SSLv2: Off
SSLv3: On
TLSv1: On
TLSv1.1: On
TLSv1.2: Off
ApplicationControlled: On
HandshakeTimeout: 5
ClientAuthType: Required
ResetCipherTimer: 0
TruncatedHMAC: Off
CertValidationMode: Any
ServerMaxSSLFragment: Off
ClientMaxSSLFragment: Off
ServerHandshakeSNI: Off
ClientHandshakeSNI: Off
Renegotiation: Default
RenegotiationIndicator: Optional
RenegotiationCertCheck: Off
EnvironmentUserInstance: 0
Policy created: Wed Mar 9 06:31:13 2011
Policy updated: Wed Mar 9 06:31:13 2011
TTLS Action: Secure_Telnet_Conn_Debug
Version: 3
Status: Active
Scope: Connection
CtraceClearText: On
Trace: 254
Policy created: Wed Mar 9 06:31:13 2011
Policy updated: Wed Mar 9 06:31:13 2011
========================================================================
================== pasearch -R ========================================
========================================================================
TCP/IP pasearch CS V2R1 Image Name: TCPCS3
Date: 10/12/2012 Time: 11:00:46
Routing Instance Id: 1350050178
policyRule: GenericRoutingRule
Rule Type: Routing
Version: 4 Status: Active
Weight: 10 ForLoadDist: False
Priority: 10 Sequence Actions: Don't Care
No. Policy Action: 1
policyAction: GenericRoutingAction
ActionType: Routing
Action Sequence: 0
Time Periods:
Day of Month Mask:
First to Last: 1111111111111111111111111111111
Last to First: 1111111111111111111111111111111
Month of Yr Mask: 111111111111
Day of Week Mask: 1111111 (Sunday - Saturday)
Start Date Time: None
End Date Time: None
Fr TimeOfDay: 08:00 To TimeOfDay: 17:00
Fr TimeOfDay UTC: 11:00 To TimeOfDay UTC: 20:00
TimeZone: Local
Routing Condition Summary: NegativeIndicator: Off
IpSourceAddr Address:
FromAddr: All
ToAddr: All
IpDestAddr Address:
FromAddr: 0.0.0.0
Prefix: 0
TrafficDescriptor:
Protocol: TCP (6)
SourcePortFrom 111 SourcePortTo 111
DestinationPortFrom 1024 DestinationPortTo 65535
JobName JOB1 SecurityZone SECZONE
SecurityLabel SECLABEL
Policy created: Fri Oct 12 10:56:18 2012
Policy updated: Fri Oct 12 10:56:18 2012
Routing Action: GenericRoutingAction
Version: 4 Status: Active
UseMainRouteTable Yes
RouteTable: RtTbl1
RouteTable: RtTbl2
RouteTable: RtTbl3
Policy created: Fri Oct 12 10:56:18 2012
Policy updated: Fri Oct 12 10:56:18 2012
========================================================================
================== pasearch -T ========================================
========================================================================
TCP/IP pasearch CS V2R1 Image Name: TCPCS3
Date: 10/12/2012 Time: 11:03:00
Routing Instance Id: 1350050178
Route Table: RtTbl1
Version: 1 Status: Active
IPv4 table Active
IgnorePathMtuUpdate No
MultiPath PerConnection DynamicXCFRoutes No
IPv6 table Active
IgnorePathMtuUpdate6 No
MultiPath6 PerConnection DynamicXCFRoutes6 No
Route (IPv4)
Destination:
ipaddress 1.1.1.1
First Hop:
gateway_addr =
link_name LINK1
MTU size 1492
Replaceable No
MaximumRetransmitTime 120.000
MinimumRetransmitTime 0.500
RoundTripGain 0.125
VarianceGain 0.250
VarianceMultiplier 2.000
DelayAcks Yes
Route (IPv4)
Destination:
ipaddress 1.0.0.0
Prefix 8
First Hop:
gateway_addr 2.2.2.2
link_name LINK2
MTU size 1492
Replaceable No
MaximumRetransmitTime 120.000
MinimumRetransmitTime 0.500
RoundTripGain 0.125
VarianceGain 0.250
VarianceMultiplier 2.000
DelayAcks Yes
Route (IPv4)
Destination Default
First Hop:
gateway_addr 4.4.4.4
link_name LINK4
MTU size DEFAULTSIZE
Replaceable No
MaximumRetransmitTime 120.000
MinimumRetransmitTime 0.500
RoundTripGain 0.125
VarianceGain 0.250
VarianceMultiplier 2.000
DelayAcks Yes
Route (IPv6)
Destination:
ipaddress 2001:db8:0:0:1::
Prefix 80
First Hop:
gateway_addr fe80::2:2:2:2
link_name LINK2V6
MTU size 5000
Replaceable No
MaximumRetransmitTime 120.000
MinimumRetransmitTime 0.500
RoundTripGain 0.125
VarianceGain 0.250
VarianceMultiplier 2.000
DelayAcks Yes
Route (IPv6)
Destination Default6
First Hop:
gateway_addr fe80::4:4:4:4
link_name LINK4V6
MTU size DEFAULTSIZE
Replaceable No
MaximumRetransmitTime 120.000
MinimumRetransmitTime 0.500
RoundTripGain 0.125
VarianceGain 0.250
VarianceMultiplier 2.000
DelayAcks Yes
Policy created: Fri Oct 12 10:56:18 2012
Policy updated: Fri Oct 12 10:56:18 2012
Route Table: RtTbl2
Version: 1 Status: Active
IPv4 table Active
IgnorePathMtuUpdate No
MultiPath UseGlobal DynamicXCFRoutes No
IPv6 table Active
IgnorePathMtuUpdate6 No
MultiPath6 UseGlobal DynamicXCFRoutes6 No
DynamicRoutingParms (IPv4)
link_name LINK1 IPv4
DynamicRoutingParms (IPv4)
link_name LINK2
gateway_addr 2.1.1.1
DynamicRoutingParms (IPv4)
link_name LINK2
gateway_addr 2.2.2.2
DynamicRoutingParms (IPv6)
link_name LINK1V6 IPv6
DynamicRoutingParms (IPv6)
link_name LINK2V6
gateway_addr fe80::2:1:1:1
Policy created: Fri Oct 12 10:56:18 2012
Policy updated: Fri Oct 12 10:56:18 2012
Route Table: RtTbl3
Version: 1 Status: Active
IPv4 table Active
IgnorePathMtuUpdate No
MultiPath UseGlobal DynamicXCFRoutes No
IPv6 table Active
IgnorePathMtuUpdate6 No
MultiPath6 UseGlobal DynamicXCFRoutes6 No
Route (IPv4)
Destination:
ipaddress 1.1.1.1
First Hop:
gateway_addr =
link_name LINK1
MTU size 1492
Replaceable No
MaximumRetransmitTime 120.000
MinimumRetransmitTime 0.500
RoundTripGain 0.125
VarianceGain 0.250
VarianceMultiplier 2.000
DelayAcks Yes
Route (IPv4)
Destination:
ipaddress 1.1.0.0
Prefix 16
First Hop:
gateway_addr 2.2.2.2
link_name LINK2
MTU size 1492
Replaceable Yes
MaximumRetransmitTime 120.000
MinimumRetransmitTime 0.500
RoundTripGain 0.125
VarianceGain 0.250
VarianceMultiplier 2.000
DelayAcks Yes
Route (IPv6)
Destination:
ipaddress 2001:db8::1:1:0:0
Prefix 96
First Hop:
gateway_addr fe80::2:2:2:2
link_name LINK2V6
MTU size 5000
Replaceable Yes
MaximumRetransmitTime 120.000
MinimumRetransmitTime 0.500
RoundTripGain 0.125
VarianceGain 0.250
VarianceMultiplier 2.000
DelayAcks Yes
DynamicRoutingParms (IPv4)
link_name LINK2 IPv4
DynamicRoutingParms (IPv6)
link_name LINK2V6 IPv6
Policy created: Fri Oct 12 10:56:18 2012
Policy updated: Fri Oct 12 10:56:18 2012