Load/Unload IP Filter (LODIPFTR)
| Where allowed to run: All environments (*ALL) Threadsafe: No |
Parameters Examples Error messages |
The Load/Unload IP Filter (LODIPFTR) command is used to load or unload internet protocol (IP) filter rules.
Restrictions:
You must have input/output system configuration (*IOSYSCFG) special authority to use this command.
| Top |
Parameters
| Keyword | Description | Choices | Notes |
|---|---|---|---|
| OPTION | Option | *LOAD, *UNLOAD | Required, Positional 1 |
| LIND | Line description | Single values: *ALL Other values: Element list |
Required, Positional 2 |
| Element 1: Line description | Name | ||
| Element 2: Virtual LAN identifier | 1-4094, *NONE | ||
| STMF | Stream file | Path name | Optional |
| INCVPN | Include VPN rules | *NO, *YES | Optional |
| Top |
Option (OPTION)
Specifies whether to load or unload the IP filter rules.
This is a required parameter.
- *LOAD
- The IP filter rules will be loaded.
- *UNLOAD
- The IP filter rules will be unloaded
| Top |
Line description (LIND)
Specify the line description on which to load or unload the IP filter rules.
This is a required parameter.
Single values
- *ALL
- Load or unload the IP filter rules for all line descriptions.
Element 1: Line description
- name
- Specify the name of the line description to be used.
Element 2: Virtual LAN identifier
Specifies the virtual LAN identifier of the associated line. This identifies the virtual LAN to which this interface belongs according to IEEE standard 802.1Q. This parameter is only valid for interfaces defined for Ethernet adapters that support the 802.1Q standard.
- *NONE
- This interface is not part of a virtual LAN.
- 1-4094
- Specify the virtual LAN identifier of the associated line.
| Top |
Stream file (STMF)
Specifies the path name of the stream file containing the IP filter rule to load. The path name is required when the OPTION is *LOAD.
- path-name
- Specify the path name of the stream file. The path name can be 512 characters or less.
For more information on specifying path names, refer to "Object naming rules" in the CL topic collection in the Programming category in the IBM i Information Center at http://www.ibm.com/systems/i/infocenter/.
Note: This parameter is Unicode-enabled. See "Unicode support in CL" in the CL topic collection in the Programming category in the IBM i Information Center at http://www.ibm.com/systems/i/infocenter/ for additional information.
| Top |
Include VPN rules (INCVPN)
Specifies whether to load the GUI generate VPN filter rules. The GUI product automatically creates these filter rules that VPN requires in order to work properly.
- *NO
- The GUI generated VPN filter rules will not be loaded.
- *YES
- The GUI generated VPN filter rules will be loaded.
| Top |
Examples
Example 1: Load Filter Rules on a Single Interface
LODIPFTR OPTION(*LOAD) LIND(ETHLINE)
STMF('/QIBM/UserData/OS400/TCPIP/PacketRules/test.i3p')
INCVPN(*NO)
This command loads the filter rules from stream file /QIBM/UserData/OS400/TCPIP/PacketRules/test.i3p on the ETHLINE line.
Example 2: Load Filter Rules on All Interfaces
LODIPFTR OPTION(*LOAD) LIND(*ALL)
STMF('/QIBM/UserData/OS400/TCPIP/PacketRules/test.i3p')
INCVPN(*YES)
This command loads the filter rules from stream file /QIBM/UserData/OS400/TCPIP/PacketRules/test.i3p on all of the interfaces.
Example 3: Unload Filter Rules from All Interfaces
LODIPFTR OPTION(*UNLOAD) LIND(*ALL)
This command unloads the filter rules from all of the interfaces.
| Top |
Error messages
*ESCAPE Messages
- TCP5A50
- Load of IP filter rules failed.
- TCP5A51
- Unload of IP filter rules failed.
| Top |