imptun Command

Purpose

Adds the exported tunnel definitions and optional user-defined filter rules associated with the tunnels to the local host.

Syntax

imptun -f directory-t tunnel_id_list ] [  -v 4 | 6 ] [  -n ] [  -r ] [  -g ] [  -l manual ]

Description

Use the imptun command to add exported tunnel definitions and optional user-defined filter rules associated with the exported tunnels (files generated by the tunnel owner by using the exptun command) to the local host. This command can also import tunnel definitions from the exported files generated by the IBM® firewall (SNG) product export command.

A new tunnel ID is generated by the local host when a tunnel is imported to the local tunnel table. The auto-generated filter rules associated with the tunnel also is generated automatically. Importing the exported user-defined filter rules is optional.

If the exported files are transmitted by diskette, it is assumed they will be loaded to a local file directory using a command such as tar, depending on the tunnel owner's instructions.

Flags

Item Description
-f Specifies the directory from where the exported files will be read.
-g The suppress system auto-generated filter rule flag. If the -g flag is not used, the imptun command generates two filter rules for each imported tunnel automatically. The auto-generated filter rules allow all traffic between the two end points of the tunnel to go through the tunnel. If the -g flag is specified, the command only imports the tunnel IBM definitions, and the user must add user-defined filter rules to use the tunnel.
-l Specifies the type of the tunnel(s) you want to import. If manual is specified, only manual tunnel(s) are imported. -n and -l flags are mutually exclusive.
-n Specifies that the export files were generated by the IBM firewall (version 2.2) tunnel export command. This flag cannot be specified with the -v flag. The -n flag is also mutually exclusive with the -r flag.
-r Imports the user-defined filter rules associated with the tunnels that are being imported. To use the -r flag, it must have been specified with the exptun command when the exported files were generated. The -r flag is mutually exclusive with the -n flag.
-t Lists the set of tunnel IDs to be imported from the export files. The tunnel definitions identified by these tunnel IDs are added to the local host. If this flag is not used, all the tunnel definitions in the export files are added to the local host.
-v Specifies the IP version of the tunnel definitions from the exported files that you wish to import. If the -v flag is not given, then all IP version 4 and IP version 6 tunnel definitions that exist in the export files are imported.

Security

Attention RBAC users and Trusted AIX users: This command can perform privileged operations. Only privileged users can run privileged operations. For more information about authorizations and privileges, see Privileged Command Database in AIX® Version 7.1 Security. For a list of privileges and the authorizations associated with this command, see the lssecattr command or the getcmdattr subcommand.