
Re: SD: Port selection of clients

 
Ralph Grothe
Honored Contributor

SD: Port selection of clients

Hi,

I would like to run the Software Distributor's clients (e.g. swlist, swinstall) connecting to a user specified port.
The reason for this is because I need to cross a firewall that rejects everything but 22/tcp.
With SSH's "-L 7777:sw_depot_server:2121" switch I initiated a tunnel through the firewall to the gateway.
Local port 7777 was chosen arbitrarily because it hasn't been in use.
Foreign port 2121 was chosen by me as the suspected swagentd servicing port.
From an lsof on the swagentd's PID on sw_depot_server I found that this process had bound a listening socket to 2121/tcp.
But lsof also showed a lingering 2121/udp socket, which I fear renders my SSH tunnelling attempts useless anyway (which restricts me to TCP).
Unfortunately, the SD manpages didn't mention which ports it makes use of.

Now (if only the TCP channel was required) all that I theoretically would need to do was to establish an swlist or swinstall process to local port 7777.

But as you probably foresaw, this doesn't work,
and I'm only timed out.

Is there anyone similarly impaired by a firewall who has devised a hack to circumvent it?

Regards
Ralph
Madness, thy name is system administration
3 REPLIES
Michael Roberts_3
Honored Contributor

Re: SD: Port selection of clients

There is more info on the port binding of SD in
section 5 man page of sd, 'man 5 sd':

rpc_binding_info=ncacn_ip_tcp:[2121] ncadg_ip_udp:[2121]
Defines the protocol sequence(s) and endpoint(s) on
which the daemon listens and on which the other
commands use to contact the daemon. If the connection
fails for one protocol sequence, the next is attempted.
SD supports both the tcp (ncacn_ip_tcp:[2121]) and udp
(ncadg_ip_udp:[2121]) protocol sequence on most
platforms.

The value (or values for swagentd) can have following
form:

+ A DCE string binding containing a protocol
sequence and an endpoint. The syntax is:
protocol_sequence:[endpoint].

+ The name of a DCE protocol sequence with no
endpoint specified. The syntax is:
protocol_sequence, for example ncadg_ip_udp or
ncacn_ip_tcp. (A trailing : can be attached to
the protocol sequence, it has no effect.) Since no
endpoint is specified, the DCE endpoint mapper
rpcd must be running and will be used to find the
endpoint registered by the swagentd.

+ The literal string all. This entry means to use
(try) all protocol sequences supported by the DCE
RPC. It should be the only entry in the list.
The DCE endpoint mapper rpcd also must be running
in order to use this option.

Applies to all commands except swask, swpackage, and
swmodify.

Hewlett-Packard Company - 41 - HP-UX Release 11i: November 2000


rpc_binding_info_alt_source=ncadg_ip_udp:[2121]
Defines the protocol sequence(s) and endpoint(s) used
when the agent attempts to contact an alternate source
depot specified by the alternate_source option. SD
supports both the udp(ncadg_ip_udp:[2121]) and
tcp(ncacn_ip_tcp:[2121]) protocol sequence/endpoint.

Applies to swagent.
etouq ot hguone revelc ton m'i
Michael Roberts_3
Honored Contributor
Solution

Re: SD: Port selection of clients

I don't think having a single port opened is going to be sufficient because more than 2121 is used. The client (swinstall, swlist etc.) contacts the server (swagentd) on 2121, then swagentd sets up another agent on a high numbered port to handle the rest of the transaction. The server then sends information back to the client about the high numbered port to do the remainder of the transaction on.

swlist (---> swagentd:2121)

swagentd (<----> agent:4001)

swlist (<-- use 4001 swagentd)

swlist (---> agent:4001)

RPC_RESTRICTED_PORTS is an environment variable that can be used to narrow the range of client ports. It has been discussed in the forums before.
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=6050
etouq ot hguone revelc ton m'i
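
The binding syntax from sd(5) quoted earlier in this thread, as an added example (not part of any post here and not HP's code): a Python parser that classifies each rpc_binding_info entry by transport, fixed port and rpcd dependency, which is what a firewall rule review needs for the initial contact with swagentd. The function names are hypothetical and a numeric endpoint is assumed.

```python
import re

# Entry grammar from the sd(5) excerpt quoted in this thread:
#   protocol_sequence:[endpoint] | protocol_sequence[:] | all
ENTRY = re.compile(r"^(?P<seq>[a-z0-9_]+)(?::(?:\[(?P<ep>\d+)\])?)?$")
TRANSPORT = {"ncacn_ip_tcp": "tcp", "ncadg_ip_udp": "udp"}  # the two sequences sd(5) names


def parse_rpc_binding_info(value):
    """Parse an rpc_binding_info value into dicts, in the order SD tries them."""
    tokens = value.split()
    if not tokens:
        raise ValueError("empty rpc_binding_info")
    parsed = []
    for tok in tokens:
        if tok == "all":
            # sd(5): "all" should be the only entry and relies on rpcd.
            if len(tokens) != 1:
                raise ValueError("'all' must be the only entry")
            parsed.append({"seq": "all", "transport": None, "port": None, "needs_rpcd": True})
            continue
        m = ENTRY.match(tok)
        if m is None:
            raise ValueError(f"not a DCE string binding: {tok!r}")
        port = int(m["ep"]) if m["ep"] else None
        if port is not None and not 0 < port < 65536:
            raise ValueError(f"endpoint out of range: {tok!r}")
        parsed.append({"seq": m["seq"], "transport": TRANSPORT.get(m["seq"]),
                       "port": port, "needs_rpcd": port is None})
    return parsed


def initial_contact_summary(value):
    """What a packet filter must pass for the first hop to swagentd only.

    The per-session agent port described in the reply above is negotiated
    later and is NOT covered by this summary.
    """
    entries = parse_rpc_binding_info(value)
    return {
        "fixed_endpoints": [(e["transport"], e["port"]) for e in entries if e["port"]],
        "needs_rpcd": any(e["needs_rpcd"] for e in entries),
        "first_tried": entries[0]["seq"],
    }


if __name__ == "__main__":
    # Default value as quoted from sd(5) above.
    print(initial_contact_summary("ncacn_ip_tcp:[2121] ncadg_ip_udp:[2121]"))
```
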
Ralph Grothe
Honored Contributor

Re: SD: Port selection of clients

Michael,

many thanks for pointing me to the right manpage.
I must have missed this one.
Also thanks for your explanations of the involved protocol.
I have to admit that I've never taken care of applications written under the Distributed Computing Environment paradigm.
I think this was in vogue long before I ever got exposed to Unix.
I hear they've had new hypes like CORBA, SOAP etc. since then.
Madness, thy name is system administration