Jim >From the birth of "TCP/IP for MVS" around 1993 up to the OS/390 V2R5 Communications Server IP component in 1998, customers survived quite happily without the RESTRICTLOWPORTS parameter. Since IBM so very kindly finally permitted access to the online sets of manual this afternoon I was able to go back into "TCP/IP for MVS" history and check.
What might be interesting is to try to pin down whatever port it is that your RSH client is using and then try to find out why. That'll be some flavour of NETSTAT CONN. If there is a problem with the ephemeral port range somewhere, it might be best to fix it for the long term. Whoever in your installation is responsible for UNIX System Services as it relates to your Communications Server IP needs to check. Even with UNRESTRICTLOWPORTS on TCPCONFIG and UDPCONFIG as long as all the "server"/"listening" applications have an entry in the PORT statement list as you are always instructed to configure them, there is no risk to those services by stray users of any of the ports that doesn't correspond to one of your server applications. Chris Mason On Tue, 8 Mar 2011 15:22:45 +0000, Jim McAlpine <[email protected]> wrote: >On Fri, Mar 4, 2011 at 8:22 AM, Chris Mason <[email protected]> wrote: > >> Jim >> >> There are too many points of contact between what you describe and what >> APAR "PQ92115: RSH CLIENT FAILS WHEN RESTRICTLOWPORTS IS CODED IN >> TCPCONFIG" describes for it to be dismissed as "similar but not exactly the >> same problem". I'm almost certain it *is* the same problem but there is a >> mystery over the AC value. >> >> The authors of the APAR text state that going from V1R4 to V1R5 the >> linkage >> edit of the RSH client module changed from AC(1) to AC(0) but you are >> reporting that in V1R11, it is back to AC(1) - undergarments are not >> smooth! >> >> - >> >> - >> >> Chris Mason >> >> Chris, thanks for your detailed reply as usual. There is nothing wrong >with the authorization of the program AFAIKS and we don't specify any >INADDR* parameters. Given what you said about UNRESTRICTLOWPORTS, I'm going >with that resolution. > >Thanks again > >Jim McAlpine ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
