TCP/IP Port Restriction – IBM SC41-5420-04 User Manual


a specific route defined. The system allows up to eight default routes, but each
route must have a unique next hop value.

An example of a multiple route table can be found in Figure 54.

TCP/IP Port Restriction

TCP and UDP protocols use ports to identify a unique origin or destination of
communication with an application. Each port is assigned a small integer. You can
configure port information if you want to restrict the use of a TCP or UDP port to
one or more user IDs.

The range of port numbers is from 1 to 65535. However, ports 0-1023 are reserved
as well-known port numbers, which are controlled and assigned by the Internet
Assigned Numbers Authority (IANA). Only those applications that have been
assigned one of these ports should use a number within this range. Refer to the
current Assigned Numbers RFC for a list of the port assignments.

Because ports 0-1023 are reserved for the well-known ports, user application
programs should not use them; doing so could affect the operation of TCP/IP.
For example, restricting the use of ports 21, 23, or 25 prevents other users
from using FTP, TELNET, or SMTP, respectively.

The iSeries Add TCP/IP Port Restriction (ADDTCPPORT) command allows you to
restrict usage of a single port or a range of ports to a particular iSeries user profile.

Restricting ports is like allocating ports to a specific user profile. When a socket
application issues the bind() system call, or when a TCP/UDP Pascal API
application issues a call to the TcpOpen, TcpWaitOpen, or UdpOpen function, the
job’s user profile is checked against the list of user profiles that are associated with

                        Work with TCP/IP Routes
                                                   System:   SYSNAM003
Type options, press Enter.
  1=Add   2=Change   4=Remove   5=Display

     Route            Subnet           Next             Preferred
Opt  Destination      Mask             Hop              Interface
 _   ______________   ______________   ______________
 _   *DFTROUTE        *NONE            9.4.73.193       *NONE
 _   *DFTROUTE        *NONE            9.4.73.197       *NONE
 _   *DFTROUTE        *NONE            9.4.73.196       *NONE
 _   9.4.70.0         255.255.255.0    9.4.73.194       *NONE
 _   9.4.70.0         255.255.255.0    9.4.73.195       *NONE
 _   9.4.70.0         255.255.255.0    9.4.73.198       *NONE
                                                                Bottom
F3=Exit   F5=Refresh   F6=Print list   F10=Work with IP over SNA routes
F11=Display type of service   F12=Cancel   F17=Top   F18=Bottom

Figure 54. Work with TCP/IP Routes Display
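
The following Python model of the bind-time check described under TCP/IP Port Restriction is an added illustration, not IBM code, and it does not call ADDTCPPORT. The profile names and the sample table are constructed, and treating a profile that is missing from a restricted port's list as denied is an assumption.

```python
from dataclasses import dataclass

WELL_KNOWN_MAX = 1023  # ports 0-1023 are the IANA well-known ports


@dataclass(frozen=True)
class Restriction:
    low: int           # first port of the restricted range
    high: int          # last port (same as low for a single port)
    protocol: str      # "TCP" or "UDP"
    user_profile: str  # profile the port or range is allocated to


def allowed_profiles(table, port, protocol):
    """Profiles associated with (port, protocol); an empty set means unrestricted."""
    return {r.user_profile for r in table
            if r.protocol == protocol and r.low <= port <= r.high}


def may_bind(table, port, protocol, job_profile):
    """Model of the check made at bind(): compare the job's profile to the list.

    Assumption: a profile that is not on a restricted port's list is denied.
    """
    if not 1 <= port <= 65535:
        raise ValueError("port must be in the range 1-65535")
    profiles = allowed_profiles(table, port, protocol)
    return not profiles or job_profile in profiles


def well_known_overlaps(table):
    """Restrictions that reach into 0-1023 and so can lock users out of a service."""
    return [r for r in table if r.low <= WELL_KNOWN_MAX]


# Constructed sample table: one entry per (range, protocol, profile).
SAMPLE = [
    Restriction(21, 21, "TCP", "FTPADMIN"),       # only FTPADMIN may serve FTP
    Restriction(5000, 5010, "TCP", "APPOWNER"),   # range shared by two profiles
    Restriction(5000, 5010, "TCP", "APPBACKUP"),
    Restriction(5000, 5000, "UDP", "APPOWNER"),   # UDP is tracked separately
]

if __name__ == "__main__":
    for port, proto, user in [(5005, "TCP", "APPBACKUP"), (5005, "TCP", "WEBUSER"),
                              (5005, "UDP", "WEBUSER"), (21, "TCP", "WEBUSER")]:
        print(port, proto, user, "allowed" if may_bind(SAMPLE, port, proto, user) else "denied")
    print("well-known overlaps:", well_known_overlaps(SAMPLE))
```
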


OS/400 TCP/IP Configuration and Reference V5R1
