z/OS® UNIX ipsec command IP traffic test (-t) option parameters
- SrcIpAddr
- The source IP address of the traffic to be tested or protected. Tip: To simulate an application that allows the TCP/IP stack to select the source address for an outbound packet, a value of 0.0.0.0 (for IPv4) or :: (for IPv6) can be specified for the source address. The displayed Testdata reflects the source address selected by the TCP/IP stack, not the 0.0.0.0 or :: value.
- DestIpAddr
- The destination IP address of the traffic to be tested or protected.
- Protocol Specification
- A protocol keyword can be selected from those shown in the syntax
diagram, or a protocol number of the traffic to be tested. The IP
traffic test matches on protocol when the IP filter contains the same
protocol number or when the IP filter applies to all protocols.
- SrcPortDestPort
- If the TCP or UDP protocol keywords are specified, then source
and destination port numbers must be supplied. Port number 0 indicates
to match any port.
For traffic that traverses a NAT, an internal remote port translation function is used in some cases to increase usability. Remote port translation is applicable only to ephemeral ports (ports in the range 1024 - 65 535). If the remote port translation function is being used, then there is both an original remote port value and a translated remote port value. The traffic test treats the input remote port (source port for an inbound packet, destination port for an outbound packet) as the original port value. In most cases when remote port translation is performed, the specific port value is not known and the value 0 should be specified on input to the traffic test. For more details about NAT traversal and remote port translation, see the remote port translation information in the z/OS Communications Server: IP Configuration Guide.
- Direction Specification
- The traffic direction can be specified as in or out. If the traffic
direction keyword is not specified, then both in and out directions
are used.
- SecurityClass
- If the traffic direction keyword in is specified, then a security class must be supplied. A SecurityClass value of 0 indicates to match any security class.
- -r format
- Displays IP Security information in a given format. The default
format is
detail
. See The ipsec command general report concepts for a description of the different report formats.
See also IP traffic test (-t) primary option for report details and examples.