The following
parameters can be used to filter the output of the specified report.
If you specify a filter parameter on the TSO NETSTAT command, it must
be the last parameter on the command line preceded by a left parenthesis.
- APPLD/-G appldata
- Filter the output of the ALL/-A, ALLConn/-a,
and COnn/-c reports using the specified
application data appldata. You can enter
one filter value at a time that can be 40 characters in length.
- APPLname/-N applname
- Filter the output of the TELnet/-t report
using the specified VTAM® application
name applname. You can enter up to six filter
values and each specified value can be eight characters in length.
- CLIent/-E clientname
- Filter the output of the ALL/-A, ALLConn/-a,
BYTEinfo/-b, CLient/-e,
COnn/-c, SOCKets/-s,
and TELnet/-t reports using the specified
client name clientname. You can enter up
to six filter values and each specified value can be eight characters
in length.
- CONNType/-X
- Filter the report using the specified connection type. You can
enter one filter value at a time.
- NOTTLSPolicy
- Filter the output of the ALLConn/-a and
COnn/-c reports, displaying only connections
that have not been matched to an Application Transparent Transport
Layer Security (AT-TLS) rule. This includes connections that were
established while the AT-TLS function was disabled (the value NOTTLS
was specified on the TCPCONFIG statement or is in effect by default)
and all connections that are not TCP protocol. For TCP connections
that were established when the AT-TLS function was enabled, this includes
the following connections:
- Connections for which AT-TLS policy lookup has not yet occurred
(typically the first send or receive has not yet been issued)
- Connections for which AT-TLS policy lookup has occurred but no
matching rule was found
- TTLSPolicy
- Filter the output of the ALLConn/-a and
COnn/-c reports, displaying only connections
that match an Application Transparent Transport Layer Security (AT-TLS)
rule. This includes only connections that were established while
the AT-TLS function was enabled, for which an AT-TLS policy rule was
found with the value TTLSEnabled ON or TTLSEnabled
OFF specified in the TTLSGroupAction. Responses can be further
limited on AT-TLS connection type. AT-TLS connection type has the
following values:
- CURRent
- Display only connections that are using AT-TLS where the rule
and all actions are still available to be used for new connections.
- GRoup groupid
- Display only connections that are using the AT-TLSgroup specified
by the groupid value. The specified groupid value
is a number that is assigned by the TCP/IP stack to uniquely identify
an AT-TLS group. You can determine the groupid value
from the GroupID field that is displayed in the Netstat TTLS/-x GROUP
report.
- STALE
- Display only connections that are using AT-TLS where the rule
or at least one action is no longer available to be used for new connections.
- DNSAddr/-Q dnsaddr
- Filter the output of the RESCache/-q report
using the specified DNS IP address dnsaddr.
You can enter one filter value at a time. The specified IPv4 dnsaddr value
can be 1–15 characters in length; the specified IPv6 dnsaddr value
can be 1–45 characters in length.
Restriction: The
DNSAddr/-Q filter does not support wildcard
characters.
- HOSTName/-H hostname
- Filter the output of the ALL/-A, ALLConn/-a,
BYTEinfo/-b, COnn/-c,
RESCache/-q, SOCKets/-s,
TELnet/-t, and VCRT/-V reports
using the specified host name value hostname.
You can enter one filter value at a time and the specified value can
be up to 255 characters in length.
Result: For
reports other than those produced using the RESCache/-q option,
at the end of the report, the Netstat command displays the host name
that the resolver used for the resolution and the list of IP addresses
returned from the resolver that it used as filters.
Restrictions:
- The HOSTName/-H filter supports wildcard
characters only for the RESCache/-q option,
but not for other options.
- With options other than the RESCache/-q option,
using the HOSTName filter might cause delays in the output because
the hostname value must be resolved (depending
on resolver and DNS configuration).
- For the RESCache/-q option, the HOSTName/-H filter
applies only to the HostName to IPAddress translation portion of the
report.
- INTFName/-K intfname
- Filter the output of the DEvlinks/-d and
HOme/-h reports using the specified interface
name value intfname. You can enter one filter
value at a time and the specified value can be 1–16 characters
in length.
For the DEvlinks and HOme report options, the INTFName
filter can be one of the following names:
- The link name of a network interface that was configured on a
LINK profile statement (this option selects one interface).
- The interface name of a network interface that was configured
on an INTERFACE profile statement (this option selects one interface).
- The port name of an OSA-Express feature in QDIO mode. This is
the name that is specified on the PORTNAME keyword in the TRLE (this
option selects all interfaces that are associated with the OSA-Express
port, including an OSAENTA trace interface).
- The name of a HiperSockets™ TRLE
(this option selects all interfaces that are associated with the HiperSockets TRLE).
Additionally, for the DEvlinks report option, the INTFName
filter can also be the interface name of an OSAENTA trace interface,
which is EZANTAportname, where the portname value
is the name that is specified on the PORTNAME keyword in the TRLE
for the OSA-Express port that is being traced (this option selects
one interface).
Guideline: For
the DEvlinks/-d option, if a network resource
has been coded in TCPIP.PROFILE using the DEVICE/LINK/HOME statements,
then the intfname value that should be used
is the link name that was specified on the LINK profile statement.
Otherwise, use the interface name that was specified on the INTERFACE
profile statement.
Restriction: The
INTFName filter does not support wildcard characters.
- IPAddr/-I ipaddrIPAddr/-I ipaddr/prefixlengthIPAddr/-I ipaddr/subnetmask
- Filter the report output using the specified IP address ipaddr, ipaddr/prefixlength,
or ipaddr/subnetmask. For options other
than the RESCache/-q option, you can enter
up to six filter values; the RECache/-q option
accepts only one filter value at a time in ipaddr format.
Each specified IPv4 ipaddr value can be
1–15 characters in length and each selected IPv6 ipaddr value
can be 1–45 characters in length.
-
- ipaddr
- Filter the output of the ALL/-A, ALLConn/-a,
BYTEinfo/-b, COnn/-c,
Gate/-g, ND/-n,
RESCache/-q, ROUTe/-r,
SOCKets/-s, TELnet/-t,
VCRT/-V, VDPT/-O,
and VIPADCFG/-F reports using the specified
IP address ipaddr. For all options except
the RESCache/-q option, the default subnet
mask 255.255.255.255 is used for IPv4 addresses; for IPv6 addresses,
the default prefixlength value 128 is used.
The RECache/-q option does not support
any default subnet mask or default prefixlength values.
- ipaddr/prefixlength
- Filter the output of the ALL/-A, ALLConn/-a,
BYTEinfo/-b, COnn/-c,
ND/-n, ROUTe/-r,
SOCKets/-s, TELnet/-t,
VCRT/-V, VDPT/-O,
and VIPADCFG/-F reports using the specified
IP address and prefix length ipaddr/prefixlength.
For an IPv4 address, the prefix length range is 1 – 32. For
an IPv6 address, the prefix length range is 1 – 128.
- ipaddr/subnetmask
- Filter the output of the ALL/-A, ALLConn/-a,
BYTEinfo/-b, COnn/-c,
Gate/-g, ROUTe/-r,
SOCKets/-s, TELnet/-t,
VCRT/-V, VDPT/-O,
and VIPADCFG/-F reports using the specified
IP address and subnet mask ipaddr/subnetmask.
The IP address ipaddr in this format must
be an IPv4 IP address.
Note: - For the Gate/-g option, ipaddr is
the destination IP address; it is not the destination network address.
- When filtering Gate/-g and ROUTe/-r outputs
on a specified IP address, the DEFAULT and DEFAULTNET routes are not
displayed.
Guidelines:
- For ALL/-A, ALLConn/-a,
COnn/-c, and TELnet/-t options, ipaddr can
be either the local or remote IP address. For the BYTEinfo/-b option, ipaddr can
be a remote IP address. For the SOCKets/-s option, ipaddr can
be an address to which the socket is bound or connected. For the VCRT/-V option, ipaddr can
be a source IP address, a destination IP address, or a destination
XCF IP address. For the VDPT/-O option, ipaddr can
be a destination IP address or a destination XCF IP address. For the
VIPADCFG/-F option, ipaddr can
be a dynamic VIPA address, a destination IP address, or a destination
XCF IP address.
- For an IPv6-enabled stack (except for RESCache/-q option):
- Both IPv4 and IPv6, ipaddr values are
accepted and can be mixed on the IPAddr/-I option.
- For an IPv6-enabled stack, an IPv4-mapped IPv6 address is accepted
as a valid ipaddr value and usually provides
the same result as its IPv4 address. But, for ROUTE/-r and
ND/-n options, an IPv4-mapped IPv6 address
is treated as an IPv6 address. If an IPv4-mapped IPv6 address is entered
as an ipaddr value for these two options,
no matching entry is found.
- For the RESCache/-q option, the ipaddr value
can be either an IPv4 or IPv6 address regardless of whether the stack
is configured for IPv4 or IPv6 operation.
Restrictions:
- The IPAddr/-I filter for RESCache/-q,
VCRT/-V, VDPT/-O,
and VIPADCFG/-F options does not support
wildcard characters.
- The IPAddr/-I filter for an IPv6 address
does not support wildcard characters.
- For a UDP endpoint socket, the filter value applies only to the
local or source IP address.
- For all options except the RESCache/-q option,
for an IPv4-only stack, only IPv4 ipaddr values
are accepted. The RECache/-q option always
accepts IPv4 and IPv6 addresses, regardless of the capability of the
stack.
- For the ND/-n option, an IPv4 ipaddr value
is not accepted.
- For the RESCache/-q option, the IPAddr/-I
filter applies only to the IPAddress to HostName translation portion
of the report.
- The RECache/-q option accepts only one
filter value at a time in ipaddr format.
- IPPort/-B ipaddr+portnum
- Filter the report output of the ALL/-A,
ALLConn/-a, CONN/-c,
SOCKets/-s, TELnet/-t,
VCRT/-V, and VDPT/-O reports
using the specified IP address and port number. You can enter up to
six filter values. Each specified IPv4 ipaddr value
can be up to 15 characters in length, denoting a single IPv4 IP address;
each specified IPv6 ipaddr value can be
up to 45 characters in length, denoting a single IPv6 IP address.
Valid portnum values are in the range 0 –
65535. The filter values ipaddr and portnum will
match any combination of the local and remote IP address and local
and remote port.
Guidelines:
- For the ALL/-A, ALLConn/-a,
COnn/-c, and TELnet/-t options,
the ipaddr value can be either the local
or remote IP address. For the SOCKets/-s option,
the ipaddr value can be an address to which
the socket is bound or connected. For the VCRT/-V option,
the ipaddr value can be a source IP address,
a destination IP address, or a destination XCF IP address. For the
VDPT/-O option, the ipaddr value
can be a destination IP address or a destination XCF IP address.
- For an IPv6-enabled stack, the following apply:
- Both IPv4 and IPv6 ipaddr values are
accepted and can be mixed on the IPPort/-B option.
- An IPv4-mapped IPv6 address is accepted as a valid ipaddr value
and usually provides the same result as the IPv4 address.
Restrictions:
- The ipaddr value in the IPPort/-B filter
does not support wildcard characters.
- For an IPv4-only stack, only IPv4 ipaddr values
are accepted.
- For a UDP endpoint socket, the filter value applies only to the
local or source IP address and port.
- An entry is returned only when both the ipaddr and portnum values
match.
- LUName/-L luname
- Filter the output of the TELnet/-t report
using the specified LU name luname. You
can enter up to six filter values and each specified value can be
up to eight characters in length.
- NOTN3270/-T
- Filter the output of the ALL/-A, ALLConn/-A,
BYTEinfo/-b, CLient/-e,
COnn/-c, and SOCKets/-s reports,
excluding TN3270 server connections.
- POLicyn/-Y policyname
- Filter the output of the SLAP/-j report
using the specified policy rule name policyname.
You can enter one filter value at a time and the specified value can
be up to 48 characters in length.
- POrt/-P portnum
- Filter the output of the ALL/-A, ALLConn/-a,
COnn/-c, PORTList/-o,
SOCKets/-s, TELnet/-t,
VCRT/-V, and VDPT/-O reports
using the specified port number portnum.
You can enter up to six filter values.
Guidelines:
Restriction: - No wildcards are allowed.
- For a UDP endpoint socket, the filter value applies only to the
local or source IP address.
- SMCID/-U smcid
- Filter the output of the ALL/-A, ALLConn/-a, COnn/-c, and DEvlinks/-d
reports by using the specified Shared Memory Communications over Remote
Direct Memory Access (SMC-R) link or link group identifier smcid. If
an asterisk (*) is specified for the filter value, Netstat provides
output only for the entries that are associated with SMC-R link, and
link groups. You can enter one filter value at a time.
Except for POrt/-P, INTFName/-K,
CONNType/-X TTLSPolicy GRoup groupid,
DNSAddr/-Q, SMCID/-U and
IPPort/-B, the filter value can be a complete
or partial string using wildcard characters. A wildcard character
can be an asterisk (*), which matches a null string or any character
or character string, at the same position. A wildcard character can
be a question mark (?), which matches any single character at the
same position. For example, a string searchee matches with *ar?he*,
but the string searhee does not match with *ar?he*.
If you want to use the wildcard character on the IPAddr/-I parameter,
you must specify the value in the ipaddr format.
The wildcard character is not accepted for the ipaddr/subnetmask or ipaddr/prefixlen format
of IPAddr/-I values.
When you use z/OS UNIX netstat/onetstat command
in a z/OS UNIX shell
environment, take care when you use a z/OS UNIX MVS™ special character in a character
string such as using a wildcard character in a filter value. It might
cause an unpredictable result. To be safe, if you want to use a z/OS UNIX MVS special character in a character
string, surround the character string with single (') or double (")
quotation marks. For example, to use an asterisk (*) in the IP address,
10.*.0.0 for the -I filter, issue the command
as: netstat -g -I '10.*.0.0' or netstat
-g -I "10.*.0.0".