Hi all:
Oracle's SQL*Net is a rather tricky protocol but it can be managed keeping in mind the following:
SQL*Net (on Unix) uses only one port which by default is 1521 and is defined in your listener.ora file (for the rdbms server) and tnsnames.ora (for the client).
According to the info I got on SQL*Net (which you can get a hold of in Oracle's Metalink look for Notes 125021.1 and 66382.1) There are two exceptions on which SQL*net will negotiate the port number (once again in Unix):
a) Your RDBMS Server is configured with the Multithreaded Server option
b) you are using Oracle SSL
In case your installation is using MTS (MultiThreaded Server) you can specify on which port number each dispatcher will listen.
As for SSL the docs I mentioned are less clear on what to do, they say that the ports can be specified but give no examples. They also mention that an alternative (if you are using SQL*net version 8) would be to use a software package called Oracle Conection Manager which supposedly can do things like discriminate from which IP addresses will accept connections and will also show a fixed port number so the traffic can be rerouted via a packet filtering firewall.
On NT Oracle WILL negotiate the port number regardless of what options you are using , but it can be forced (after setting a registry key called USE_SHARED_SOCKET)
Some proxy based Firewalls (such as Gauntlet) include a proxy for SQL*net, however this is in itself a can of worms since of course there at least two different versions of the protocol that they must support and also there is the usual problem with such firewalls: Performance)
Hope this helps
Regards
Bonum Est
