ITEM: FM5923L
Detail description of socket/ports used by sysback
Question:
Env:
AIX 4.2.1
RISC J30
sysback.obj 3.3.3.x and sysback.rte 4.1.x
Problem:
Please describe in detail the socket/ports that are used
during a sysback client/server backup and/or restore. We are
trying to configure sysback on an IBM Firewall v3 system and
the socket numbers that are being used seem to randomize below
port 1023. We know that 1239, 1022 and 1023 are being used,
but the randomly generated ports fluctuate wildly, making it
generally impossible to create secure firewall filter rules
to use in the connection/service.
Alternatively, please specify firewall filter rules that are
known to work securely and reliably with sysback client/server.
The firewall is a sysback client to sysback server on the
secure intranet side of the firewall.
Action Taken:
When the cfgremsvs command is run it does this:
it will add an entry into the /etc/servers file
sbnet 1239/tcp \# Sysback Remote Services
It will also put an entry in the inetd.conf file
sbnet stream tcp nowait root /usr/sbin/sbserver sbserver
It creates a user sbnet. The user will not be able to login
using that user.
The port used is 1239 and it is in a listen state. When the
sbclient is run from the client system
sbclient \ \
Example:
sbclient mars echo
It will then open up two sockets to communicate with the client
one for standard out and other for standard error.
Sysback uses two ports, one for standard output and one for
standard error. The first will be IPPORT_RESERVED - 1, and
the second will be IPPORT_RESERVED - 2. If either port is
already in use by another application, the number will be
decremented up to IPPORT_RESERVED / 2 until
successful. If all ports between
IPPORT_RESERVED / 2 and IPPORT_RESERVED -1 are in use, the
connection will fail with the message "all ports in use".
IPPORT_RESERVED is defined in the /usr/include/netinet/in.h
file and is set to 1024. Therefore, the ports will be 1023
and 1022 by default. If these ports are in use they may go as
low as 514 and 513, since anything under 512 is reserved.
Support Line: Detail description of socket/ports used by sysback ITEM: FM5923L
Dated: April 1998 Category: N/A
This HTML file was generated 99/06/24~13:30:14
Comments or suggestions?
Contact us