Topic
1 reply Latest Post - ‏2013-03-14T10:56:32Z by ITM61
ERICLJEF
ERICLJEF
21 Posts
ACCEPTED ANSWER

Pinned topic ITM limit agent localhost ports not being restricted

‏2013-03-02T00:21:56Z |
im a bit stuck.. i thought i had made the needed modifications according to various tech notes but localhost agent ports are not being limited to the pool i assigned. The only ports/connections that did stay within the pool are those communicating with the TEMS.

what as i missing?????

Thanks.

export KDC_FAMILIES=ip.pipe port:1918 pool:63010-63099 ip use:n ip.spipe use:n sna use:n

below is ux agent on solaris 9
4: S_IFSOCK mode:0666 dev:372,0 ino:62070 uid:0 gid:0 size:0
O_RDWR|O_NONBLOCK FD_CLOEXEC
sockname: AF_INET 0.0.0.0 port: 53728
5: S_IFDOOR mode:0444 dev:374,0 ino:501 uid:0 gid:0 size:0
O_RDONLY|O_LARGEFILE FD_CLOEXEC door to nscd9009
6: S_IFSOCK mode:0666 dev:372,0 ino:17675 uid:0 gid:0 size:0
O_RDWR|O_NONBLOCK FD_CLOEXEC
sockname: AF_INET 0.0.0.0 port: 53729
7: S_IFSOCK mode:0666 dev:372,0 ino:61243 uid:0 gid:0 size:0
O_RDWR|O_NONBLOCK FD_CLOEXEC
sockname: AF_INET 127.0.0.1 port: 53730
peername: AF_INET 127.0.0.1 port: 1920
8: S_IFSOCK mode:0666 dev:372,0 ino:45286 uid:0 gid:0 size:0
O_RDWR FD_CLOEXEC
sockname: AF_INET 127.0.0.1 port: 53731
9: S_IFSOCK mode:0666 dev:372,0 ino:41732 uid:0 gid:0 size:0
O_RDWR|O_NONBLOCK FD_CLOEXEC
sockname: AF_INET 127.0.0.1 port: 53732
peername: AF_INET 127.0.0.1 port: 53731
10: S_IFSOCK mode:0666 dev:372,0 ino:57913 uid:0 gid:0 size:0
O_RDWR|O_NONBLOCK FD_CLOEXEC
sockname: AF_INET 127.0.0.1 port: 53731
peername: AF_INET 127.0.0.1 port: 53732
11: S_IFSOCK mode:0666 dev:372,0 ino:41738 uid:0 gid:0 size:0
O_RDWR|O_NONBLOCK FD_CLOEXEC
sockname: AF_INET 127.0.0.1 port: 53733
peername: AF_INET 127.0.0.1 port: 3661

18: S_IFSOCK mode:0666 dev:372,0 ino:62403 uid:0 gid:0 size:0
O_RDWR|O_NONBLOCK FD_CLOEXEC
sockname: AF_INET 10.162.14.50 port: 63011
peername: AF_INET 10.162.10.203 port: 1918
19: S_IFSOCK mode:0666 dev:372,0 ino:44440 uid:0 gid:0 size:0
O_RDWR|O_NONBLOCK FD_CLOEXEC
sockname: AF_INET 127.0.0.1 port: 53731
peername: AF_INET 127.0.0.1 port: 53940
20: S_IFSOCK mode:0666 dev:372,0 ino:30033 uid:0 gid:0 size:0
O_RDWR|O_NONBLOCK FD_CLOEXEC
sockname: AF_INET 127.0.0.1 port: 53940
peername: AF_INET 127.0.0.1 port: 53731
Updated on 2013-03-14T10:56:32Z at 2013-03-14T10:56:32Z by ITM61
  • ITM61
    ITM61
    167 Posts
    ACCEPTED ANSWER

    Re: ITM limit agent localhost ports not being restricted

    ‏2013-03-14T10:56:32Z  in response to ERICLJEF
    sorry i didn't get your point.
    the pool definition in the KDC_FAMILIES is to force the communication from agent to TEMS to use a specified pool range.
    As you told us this is working.
    ??