All the functionality of SunScreen that is available through the administration GUI is also available through a command. Administering your Screens through the command line is useful if you do not want to use the browser or if you want to edit something quickly.
You can obtain access to a Screen using the command line from its own keyboard when the Screen is administered locally. You have superuser (root) access. You can gain access to a Screen using the command line from an Administration Station, when the Screen is administered remotely and requires that you use SKIP encryption and an administration user name and password.
You maintain user-controlled data--such as common objects like address and policy entries like rules and NAT --using the edit subcommand of ssadm.
When using the configuration editor, you must save any changes before quitting.
You invoke the configuration editor with the edit command, which is a subcommand of ssadm, and the name of your policy, such as Initial. Once it is running, the prompt becomes: edit>.
For a locally administered Screen, type:
# ssadm edit policy_name |
For a remotely administered Screen, type:
# ssadm -r Screen_name edit policy_name |