General updates of z/OS UNIX commands
| Command | Parm | Release | Description | Reason for change |
|---|---|---|---|---|
| dnsmigrate | V2R1 | This command is no longer supported. | Removal of BIND DNS Name Server from z/OS | |
| dnssec-keygen | V2R1 | This command is no longer supported. | Removal of BIND DNS Name Server from z/OS | |
| dnssec-makekeyset | V2R1 | This command is no longer supported. | Removal of BIND DNS Name Server from z/OS | |
| dnssec-signkey | V2R1 | This command is no longer supported. | Removal of BIND DNS Name Server from z/OS | |
| dnssec-signzone | V2R1 | This command is no longer supported. | Removal of BIND DNS Name Server from z/OS | |
 ezatmail |
N/A |
V2R2 |
New command for sendmail to CSSMTP bridge. See
z/OS Communications Server: IP User's Guide and Commands for more information. |
sendmail to CSSMTP bridge (APAR PI71175) |
| ipsec | -F add | V2R1 | The loglimit keyword is a new keyword that you can use to limit the number of filter-match log messages generated for the defensive filter being added. | Limit defensive filter logging |
| -F update | V2R1 | The loglimit keyword is a new keyword that you can use to limit the number of filter-match log messages generated for the defensive filter being added. | Limit defensive filter logging | |
-F display |
V2R1 | A new field, LogLimit, is included in filters displayed with the ipsec command. For defensive filters, it indicates whether filter-match messages are being limited. For all other filter types, it has a value of N/A. | Limit defensive filter logging | |
| -k display | V1R13 | The NATTSupportLevel field is changed to support
two additional values: IKEv2 and IKEv2_zOS. The following fields
previously reported N/A for all IKEv2 tunnels because NAT traversal
was not supported for IKEv2. They are now populated appropriately
when an IKEv2 tunnel traverses one or more NAT devices:
|
Network address translation traversal support for IKE version 2 | |
| ipsec (continued) | -y display -b | V1R13 | The following fields previously reported N/A
for all IKEv2 tunnels because NAT traversal was not supported for
IKEv2. They are now populated appropriately when an IKEv2 tunnel
traverses one or more NAT devices:
|
Network address translation traversal support for IKE version 2 |
| -y display | V1R13 | The following fields previously reported N/A
for all IKEv2 tunnels because NAT traversal was not supported for
IKEv2. They are now populated appropriately when an IKEv2 tunnel
traverses one or more NAT devices:
|
Network address translation traversal support for IKE version 2 | |
| named | V2R1 | This command is no longer supported. | Removal of BIND DNS Name Server from z/OS | |
| orpcinfo or rpcinfo1 | -p | V1R13 | The program version column is wider than in prior releases. The offsets of all columns following the first column are different. | Release update |
| pasearch | -i | V1R13 | The display is changed to include the settings for new IDS configuration fields. | Expanded Intrusion Detection Services |
| V1R13 | The display is changed to include the settings for new IDS configuration fields. | Intrusion Detection Services support for Enterprise Extender | ||
| -R | V2R1 | IPv6 policy is included in the display of all Routing policy entries that match the input options for pasearch. | IPv6 support for policy-based routing | |
| -T | V2R1 | IPv6 routes and dynamic routing parameters are included in the display of all Routing tables that match the input options for pasearch. | IPv6 support for policy-based routing | |
| -t | V2R2 | The report output can have a new value of RFC5280 for CertValidationMode. | AT-TLS certificate processing enhancements | |
| V2R2 | Displays values pertaining to certificate revocation for the new AT-TLS policy agent statements and parameters. | AT-TLS certificate processing enhancements | ||
| V2R1 | Displays new parameters on AT-TLS configuration statements. | AT-TLS support for TLS v1.2 and related features | ||
| rndc | V2R1 | This command is no longer supported. | Removal of BIND DNS Name Server from z/OS | |
| rndc-confgen | V2R1 | This command is no longer supported. | Removal of BIND DNS Name Server from z/OS | |
| trmdstat | All of report options | V1R13 | The following changes were made:
|
Expanded Intrusion Detection Services |
| -A | V1R13 | The summary (-A), detail (-A -D), and statistics
(-A -S) displays are changed to include information for the following
new attack types: DATA_HIDING, OUTBOUND_RAW_IPV6, RESTRICTED_IPV6_DST_OPTIONS,
RESTRICTED_IPV6_HOP_OPTIONS, and RESTRICTED_IPV6_NEXT_HDR. The statistics display (-A -S) is changed to also include information for the GLOBAL_TCP_STALL and TCP_QUEUE_SIZE attack types. |
Expanded Intrusion Detection Services | |
| V1R13 | The summary (-A), detail (-A -D), and statistics
(-A -S) displays are changed to include information for the following
new attack types: EE_MALFORMED_PACKET, EE_PORT_CHECK, and EE_LDLC_CHECK. The statistics display (-A -S) is changed to also include information for the EE_XID_FLOOD attack type. |
Intrusion Detection Services support for Enterprise Extender | ||
| -F | V1R13 | The summary (-F), detail (-F -D), and statistics (-F -S) displays are changed to include information for the new EE_XID_FLOOD attack type. | Intrusion Detection Services support for Enterprise Extender | |
| -I | V1R13 | This report is changed to include information for the GLOBAL_TCP_STALL and TCP_QUEUE_SIZE attack types. | Expanded Intrusion Detection Services | |
| -G | V1R13 | This new option can be used to display summary (-G) or detail (-G -D) information for the new Global TCP Stall attack type. | Expanded Intrusion Detection Services | |
| -Q | V1R13 | This new option can be used to display summary (-Q) or detail (-Q -D) information for the new TCP Queue Size attack type. | Expanded Intrusion Detection Services | |
Note:
|
||||