Policy sample files

A set of sample files is shipped with z/OS® CS that provides several functions. The first sample file provides an example of policy definitions in a Policy Agent configuration file.

/usr/lpp/tcpip/samples/pagent.conf: This file contains overall policy definition rules, syntax and semantics for defining policies in a configuration file, and examples of such policy definitions.

The next set of sample files provide sample IPSec policy definitions.

/usr/lpp/tcpip/samples/pagent_CommonIPSec.conf: This file contains sample common IPSec policy definitions. These can be referenced and reused by multiple stack-specific IPSec configuration files.
/usr/lpp/tcpip/samples/pagent_IPSec.conf: This file contains sample stack-specific IPSec policy definitions. Some of these refer to common definitions in /usr/lpp/tcpip/samples/pagent_CommonIPSec.conf.

The following file provides sample AT-TLS policy definitions.

/usr/lpp/tcpip/samples/pagent_TTLS.conf: This file contains sample AT-TLS policy definitions. These definitions can either be in a common or stack-specific AT-TLS file. If these definitions are in a common AT-TLS file, they can be referenced and reused by multiple stack-specific AT-TLS configuration files. If these definitions are in a stack-specific AT-TLS file, they are used only by that specific stack.

The following file provides sample IDS policy definitions.

/usr/lpp/tcpip/samples/pagent_IDS.conf: This file contains sample IDS policy definitions. These definitions can either be in a common or stack-specific IDS file. If these definitions are in a common IDS file, they can be referenced and reused by multiple stack-specific IDS configuration files. If these definitions are in a stack-specific IDS file, they are used by only that specific stack.

The following file provides sample policy-based routing policy definitions.

/usr/lpp/tcpip/samples/pagent_Routing.conf: This file contains sample policy-based routing policy definitions. These definitions can either be in a common or stack-specific routing file. If these definitions are in a common routing file, they can be referenced and reused by multiple stack-specific routing configuration files. If these definitions are in a stack-specific routing file, they are used by only that specific stack.

The following files include sample C applications that can be used to develop policy performance monitoring applications.

/usr/lpp/tcpip/samples/pagent/README: This file contains instructions for compiling and running the following sample C applications.
/usr/lpp/tcpip/samples/pagent/pCollector.c: This file is a sample C application (pCollector) that uses the Policy API (PAPI) interfaces to access policy performance data. It can be used as the base for an application that provides near real-time policy performance monitoring.
/usr/lpp/tcpip/samples/pagent/pCollector.h: This file is a header file for the pCollector sample application.
/usr/lpp/tcpip/samples/pagent/pLogReader.c: This file is a sample C application (pLogReader) that reads the policy performance log file to access policy performance data. It can be used as the base for an application that provides offline policy performance monitoring.

This documentation refers to Version 1 through Version 4 when defining policies.

Version 1 refers to policy definitions defined with the ServicePolicyRules and ServiceCategories statements or LDAP objects.
Version 2 through Version 4 refer to policy definitions defined with other policy statements or LDAP objects.
The primary difference between Version 2 and Version 3 is in the definition of the LDAP schema.
Version 4 is used with configuration file IDS and Routing policies.

For information about LDAP samples and schema definition files, see Using an LDAP server for policy definitions.