ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzajb_5.4.0.1/rzajbactivaterules.htm

80 lines
6.1 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Activate packet rules" />
<meta name="abstract" content="Activating the packet rules that you create is the final step in configuring packet rules." />
<meta name="description" content="Activating the packet rules that you create is the final step in configuring packet rules." />
<meta name="DC.Relation" scheme="URI" content="rzajbrzajbx1creatingnewrulessd.htm" />
<meta name="DC.Relation" scheme="URI" content="rzajbrzajb8a1verifyingsd.htm" />
<meta name="DC.Relation" scheme="URI" content="rzajbrzajb0dexample2.htm" />
<meta name="DC.Relation" scheme="URI" content="rzajbrzajb0eexample3.htm" />
<meta name="DC.Relation" scheme="URI" content="rzajbrzajb0fexample4.htm" />
<meta name="DC.Relation" scheme="URI" content="rzajbrzajb0gexample5.htm" />
<meta name="DC.Relation" scheme="URI" content="rzajbrzajbx2managingrulessd.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="activaterules" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Activate packet rules</title>
</head>
<body id="activaterules"><a name="activaterules"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Activate packet rules</h1>
<div><p>Activating the packet rules that you create is the final step in
configuring packet rules.</p>
<div class="section"><p>You must activate, or load, the rules that you created in order
for them to work. However, before you activate your rules you should verify
that they are correct. Always attempt to resolve any problems before activating
your packet rules. If you activate rules that have errors or that are ordered
incorrectly, your system will be at risk. Your system has a verify function
that is automatically invoked any time you activate your rules. Because this
automatic feature only checks for major syntactical errors, you should not
rely solely on it. Make sure to always manually check for errors in your rules
files as well.</p>
<p>When filter rules are not applied to an interface (for
example, you are only using NAT rules, not filtering rules), a warning (TCP5AFC)
appears. This is not an error. It only verifies whether using one interface
is your intention. Always look at the last message. If it says
the activation is successful, then the messages above it are all warnings. </p>
<div class="note"><span class="notetitle">Note:</span> When
you activate new rules on all interfaces, they replace all previous rules
on all physical interfaces. Even if a physical interface is not mentioned
in the new rules, it will be replaced. However, if you choose to activate
new rules on a specific interface, the rules will only replace the rules on
that specific interface. Existing rules on other interfaces will be untouched.</div>
<p>After
your packet rules have been configured and activated, you might need to periodically
manage them to ensure the security of your system. </p>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzajbrzajbx1creatingnewrulessd.htm" title="Read the checklist that contains an overview of the tasks you must complete to ensure that your rules work properly when activated.">Configure packet rules</a></div>
<div class="previouslink"><strong>Previous topic:</strong> <a href="rzajbrzajb8a1verifyingsd.htm" title="Always verify your rules before you activate them. This helps ensure that the rules will be activated without problems.">Verify packet rules</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="rzajbrzajb0dexample2.htm" title="In this scenario, your company uses static network address translation (NAT) to map its private IP addresses to public addresses.">Scenario: Map IP addresses using NAT</a></div>
<div><a href="rzajbrzajb0eexample3.htm" title="In this scenario, your company uses IP filtering to restrict the IP traffic that can access its Web server to HTTP, Telnet, and FTP.">Scenario: Create filter rules to allow HTTP, Telnet, and FTP</a></div>
<div><a href="rzajbrzajb0fexample4.htm" title="In this scenario, your company combines network address translation (NAT) and IP filtering together. Your company wants to hide its personal computers and Web server behind a single, public, IP address and to allow other companies to access the Web server.">Scenario: Combine NAT and IP filtering</a></div>
<div><a href="rzajbrzajb0gexample5.htm" title="In this scenario, your company uses masquerade network address translation (NAT) to hide the private addresses of your personal computers. At the same time, your company allows your employees to access the Internet.">Scenario: Hide IP addresses using masquerade NAT</a></div>
</div>
<div class="reltasks"><strong>Related tasks</strong><br />
<div><a href="rzajbrzajbx2managingrulessd.htm" title="To maintain the security of your system and the integrity of your packet rules, periodically perform the management tasks.">Manage packet rules</a></div>
</div>
</div>
</body>
</html>