Rules Maintenance panel

SecureScreen's Rules Maintenance panel

You can set up rules for using Secure Screen by defining filters. This function maintains the filters file PSSNAP. Filters are applied to jobs that reach an inactive timeout. The action taken depends on the filter that first matches the characteristics of the inactive job.

How to Get There

To display the Rules Maintenance panel, select option 10 from the SecureScreen menu, or enter LEDTPSSFTR in the command line.

What it Does

The Rules Maintenance panel lists all filters you currently have in place, and their values. From the panel, you can add, change, copy, delete, and display filters.

Column Descriptions

Opt

Possible values are:

2=Change The selected filter is to be changed. See the Change a Filter panel

3=Copy The selected filter is to be copied. See the Copy a Filter panel

4=Delete The selected filter is to be deleted

5=Display The selected filter is to be displayed. See the Display a Filter panel

Type

The type of filter. There are six types of filters; possible values are:

*DEVD Device Description

*SBSD Subsystem Description

*RMTLOC Remote Location

*USRPRF User Profile

*GRPPRF Group User Profile

*ACGCDE Accounting Code

Identifier

Specifies the name of a device, subsystem or user, a remote location or an accounting code. A user can be either an individual user profile or a group profile. A location can be either an SNA location or an IP address. An accounting code is used by system job accounting and is normally found as an attribute of a user profile or a job description. Note that accounting codes may also be set dynamically by programs when a job is running. An IP address location should have an IP mask also specified.

Mask

Specifies the subnet mask to apply against an incoming IP address. If the incoming IP address masks to the IP address of the filter, the rule is enforced.

Examples:

IP location: 10.0.1.5

Mask: 255.255.255.255

Matches: 10.0.1.5

IP location: 10.0.1.5

Mask: 255.255.255.0

Matches: 10.0.1.0 thru 10.0.1.255

IP location: 10.0.1.5

Mask: 255.255.255.254

Matches: 10.0.1.4 thru 10.0.1.5

IP location: 10.0.1.5

Mask: 255.255.255.128

Matches: 10.0.1.128 thru 10.0.1.255

NOTE: The last two examples show that the subnet mask must be applied by the monitor program to the filter IP address as well as to the remote location address. Because of this, the mask is applied when the filter is entered, and the masked address is what is actually stored in the filter record.

Notify Administrator

Specifies to send a message to the administrator message queue when the job is inactive. The message queue name comes from the PSSANFYMQ data area.

The possible values are:

*MSG The inactive message will be copied to the administrator message queue

blank The value is ignored

Action

Specifies the action to take when an identifier is matched.

The possible values are:

*DSCJOB The job will be disconnected

*ENDJOB The job will be ended

*MSG A *break message is sent to the workstation message queue of the inactive job. This is used when all that is wanted is a warning

*IGNORE No action is taken if a job matches this filter

Log

Specifies the joblog option. This is only meaningful when the action is *DSCJOB.

The possible values are:

*LIST Print the job log

*NOLIST Do not print the job log

*N Use the default from the *DSCJOB command on your system

Drop

Specifies whether or not the connection is to be dropped if the job is disconnected or ended.

The possible values are:

*DEVD The drop value is taken from the device description

*YES The connection will be dropped

*NO The connection will be left available

*N The default from the *DSCJOB command on your system is used

Command Keys

F3 (Exit): Exit the screen without processing any pending changes.

F5 (Refresh): Refreshes the screen and resets all available text fields.

F6 (Add): Add a new SecureScreen filter.

F12 (Cancel): Exit the screen without processing any pending changes.

F17 (Top): Positions the list screen to the first record.

F18 (Bottom): Positions the list screen to the last record.

F20 (Position List):