TCP Firewall Configuration Example

The IBM® Connect:Direct® administrator configures the local node to listen on port 2264, and the following initialization parameter settings are used to configure the local node's source ports:

  • tcp.src.ports = (333.333.333.333, 2000-2200)
  • tcp.src.ports.list.iterations = 1

This configuration tells the local node to use a source port in the range 2000–2200 when communicating with the remote node's address 333.333.333.333, and to search the port range one time for an available port. The local node will act as both a PNODE and an SNODE when communicating with the remote node.

Based on this scenario, the firewall rules for the local node are the following:

Rule Name               Rule Direction   Local Ports   Remote Ports
PNODE session request   Outbound         2000–2200     3364
SNODE session           Inbound          2264          3000–3300
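The following added example (not IBM code) rebuilds the two rules in the table from the scenario's values and checks connections against them with a default-deny result. The function names are hypothetical, the remote ports 3364 and 3000–3300 are taken from the table as given, and the remote address is matched as an exact string, so wildcard or subnet patterns are not handled.

```python
import re

def parse_src_ports(value):
    """Parse a tcp.src.ports value into [(address, [(lo, hi), ...]), ...]."""
    entries = []
    for group in re.findall(r"\(([^)]*)\)", value):
        parts = [p.strip() for p in group.split(",")]
        addr, ranges = parts[0], []
        for spec in parts[1:]:
            # Tolerate the typographic en dash that rendered documentation uses.
            lo, _, hi = spec.replace("\u2013", "-").partition("-")
            lo, hi = int(lo), int(hi or lo)  # a single port is a one-port range
            if not 1 <= lo <= hi <= 65535:
                raise ValueError(f"bad port range: {spec!r}")
            ranges.append((lo, hi))
        if not ranges:
            raise ValueError(f"no ports given for {addr!r}")
        entries.append((addr, ranges))
    return entries

def build_rules(local_listen, src_ports, remote_listen, remote_src):
    """Return the PNODE (outbound) and SNODE (inbound) rules for each address."""
    rules = []
    for addr, ranges in parse_src_ports(src_ports):
        rules.append({"name": "PNODE session request", "direction": "Outbound",
                      "remote_addr": addr, "local": ranges,
                      "remote": [(remote_listen, remote_listen)]})
        rules.append({"name": "SNODE session", "direction": "Inbound",
                      "remote_addr": addr,
                      "local": [(local_listen, local_listen)],
                      "remote": [remote_src]})
    return rules

def permitted(rules, direction, remote_addr, local_port, remote_port):
    """Name of the rule that allows this connection, or None (default deny)."""
    def hit(port, ranges):
        return any(lo <= port <= hi for lo, hi in ranges)
    for r in rules:
        if (r["direction"] == direction and r["remote_addr"] == remote_addr
                and hit(local_port, r["local"]) and hit(remote_port, r["remote"])):
            return r["name"]
    return None

# Scenario values; 333.333.333.333 is the page's placeholder address.
RULES = build_rules(2264, "(333.333.333.333, 2000-2200)", 3364, (3000, 3300))
```

A connection that returns None here, such as an outbound session from local port 2201, falls outside both rules and would be dropped by a firewall that denies by default.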