• Subject: Fwd: NETSTAT
  • From: Mark Bauman <mlbauman@xxxxxxxxxxxx>
  • Date: Fri, 15 Aug 1997 16:19:55 -0500 (CDT)

Howdie! 

This might be a little late and I know it has already been answered but
since I received it from the owner of netstat development and support, I
figured I would post it to the list.   

> Does anyone know why, when I take option 3 off of the NETSTAT menu - 
> Work with TCP/IP connection status, and display an active connection of 
> one of my users, I can't see the remote host name?  I see their remote 
> Internet address and the port, but not the name.  I am running V3R6 
> OS/400, and all remote host names are in the hosts file in WIN95. 
> Thanx, 
> Gary 

---------- Forwarded message begins here ---------- 


Netstat uses the sockets routine gethostbyaddr() to resolve the remote
host names. If Netstat shows blanks it's because sockets was not able to
resolve the IP address into a name. 

I would guess that the following are probably true: 

1) A name server either doesn't exist (or at least AS/400 doesn't
    know about it) or doesn't know about the IP address. 
2) The AS/400 local host table does not have an entry defining a
    name for the IP address. 

If the IP address is associated with a name in a host table on a Win95
system  the AS/400 (or any other machine) will not be able to obtain
this information. That is unless the Win95 system is acting as a DNS and
AS/400 is configured to query the DNS, we won't be able to resolve the
name. 


-john martz 



Excerpts from mail: 13-Aug-97 Re: NETSTAT Gary Feinstein@PlanetHol (1635*) 

> Well, I put the host names in the Host Table on the 400 and now I can  
> see them.  Is there anything on the AS400 that will limit sessions  
> connecting based on the IP address or the host name of the PC?  
> Basically, can I restrict connections based on these parameters?   
> Gary 


Excerpts from mail: 14-Aug-97 Re: NETSTAT Jeff_Velten@at-a-glance. (1480*) 

> Hi Gary, 
> I don't think the AS/400 will let you restrict connections via TCP/IP, 
> other than limiting the pool of virtual devices available and setting 
> system value QAUTOCFG to *NO. However, for the devices without an entry in 
> the host table, you won't be able to run any of the TCP/IP commands against 
> them by hostname, such as PING, TELNET, etc... 
> You can restrict access to the 400 by ports in the TCP/IP configuration. 
> You'll need to know which ports are used for TELNET and FTP, and then 
> restrict them to specific user profiles. I haven't used this feature, so I 
> can't really explain it in depth, but it might do what you're looking for. 
> It's option 4 from the CFGTCP menu. 

(The following is my answer to the above 2 postings) 


There is currently not a way to limit sessions connecting to AS/400
servers, other than:  

1) You can use port restrictions, but that basicially just limits the
user from signing onto the server in many cases. The connection could
still be made for standard servers such as FTP and TELNET since the
initial connections are usually done using a system supplied user
profile (QTCP usually).  By the way, port restrictions allow you to
specify the user profiles you WANT to have access to a particular port. 

2) Do not activate the server - not a good solution but if you are not
using a server, such as telnet on your system, then make sure you don't
start that server as either part of the strtcp processing or other ipl
bring up.  


Mark L Bauman 
AS/400 Software Communications Development  



* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* This is the Midrange System Mailing List!  To submit a new message,   *
* send your mail to "MIDRANGE-L@midrange.com".  To unsubscribe from     *
* this list send email to MAJORDOMO@midrange.com and specify            *
* 'unsubscribe MIDRANGE-L' in the body of your message.  Questions      *
* should be directed to the list owner / operator: david@midrange.com   *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2020 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].