Hi,
If you are running performance collection services you will find that column jbipad in file QAPMJOBL holds the remote ip address.
Best regards
stefan.tageson@xxxxxxxx
M +46 732 369934
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Steinmetz, Paul
Sent: den 6 september 2017 15:11
To: 'Midrange Systems Technical Discussion' <midrange-l@xxxxxxxxxxxx>
Subject: RE: Need to find any/all connections to the i via host name
Rob,
I've been running the SQL QSYS2.NETSTAT_INFO below, it is finding what I need.
SELECT REMOTE_ADDRESS , LOCAL_ADDRESS, JOB_NAME , LOCAL_PORT,
Count(*) FROM QSYS2.NETSTAT_JOB_INFO WHERE
LOCAL_ADDRESS = '1.1.1.1'
GROUP BY
ROLLUP(REMOTE_ADDRESS,LOCAL_ADDRESS,JOB_NAME,LOCAL_PORT)
The problem is it only shows that point in time.
Jobs, processes that start/end and only take a few seconds do not appear on the list.
Any thoughts on how to convert the SQL SQL QSYS2.NETSTAT_INFO to be cumulative?
Or maybe there's a better tool?
Paul
-----Original Message-----
From: Steinmetz, Paul
Sent: Friday, September 01, 2017 4:31 PM
To: 'Midrange Systems Technical Discussion'
Subject: RE: Need to find any/all connections to the i via host name
Rob,
Forgot to mention, I am currently using the
select
remote_address, remote_port, remote_port_name, local_address, local_port, local_port_name,
myudfToDoaNslookup(remote_address)
FROM QSYS2.NETSTAT_INFO
Works great.
But you can't tell if there accessing by name or ip.
Another point.
All firewall rules are currently by ip only.
So when the IP changes, the firewall rules also need to change.
There is newer version of Cisco OS which will allow firewall rules by name.
That project is in the works.
Paul
-----Original Message-----
From: Steinmetz, Paul
Sent: Friday, September 01, 2017 4:03 PM
To: 'Midrange Systems Technical Discussion'
Subject: RE: Need to find any/all connections to the i via host name
Rob,
We are finishing up a move of all traffic from Etherlan01 - ip 1.1.1.1 to Etherlan02 - ip 2.2.2.2.
Etherlan02 has additional firewall rules and not all port are open.
There are some remaining processes on Etherlan01, could be connecting via host name or ip.
When I change the host name from 1.1.1.1 to 2.2.2.2, only those processes accessing the I by host name will be impacted.
These are the ones I am a after.
If they fail, it will probably need ip and or ports open on the firewall.
Then, any traffic remaining will be those accessing the I by ip - 1.1.1.1.
We will deal with these on a one by one basis.
Paul
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Rob Berendt
Sent: Friday, September 01, 2017 3:53 PM
To: Midrange Systems Technical Discussion
Subject: Re: Need to find any/all connections to the i via host name
Just trying to figure out what you are asking.
At first I thought you wanted to know who was attaching to your IBM i by accessing it at "myibmi" or whatever the name was and not by using the IP address.
But as I thought about it perhaps you know you can do a NETSTAT *CNN but you want to know who is access it by the end person's host name. IOW you don't want to know that 10.10.4.27 is accessing your IBM i. You want to know the host name of 10.10.4.27 so that if it is RALPHSPC you can talk to Ralph and know that he will be affected.
I'm still trying to figure out why though. Because I don't think you can determine if Ralph is accessing it by:
- using the IP address of your ibm i
- is using a host table entry on his pc.
- or is accessing it by using a dns entry from a dns server.
In theory you shouldn't care if they are using DNS. Sure they may be affected. One little outage perhaps until the DNS cache is flushed and they reconnect. We do a switch every quarter which involves a DNS change.
Works great. We quiesce the system before changing the DNS.
Now the ones you want to hunt down and kill are those using an IP address or a local host table entry. Me, I figured it's their own stupidity and forget them.
Now, there are some querying you can do
select
remote_address, remote_port, remote_port_name, local_address, local_port, local_port_name,
myudfToDoaNslookup(remote_address)
FROM QSYS2.NETSTAT_INFO
https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ibm.com%2Fdeveloperworks%2Fcommunity%2Fwikis%2Fhome%3Flang%3Den%23!%2Fwiki%2FIBM%2520i%2520Technology%2520Updates%2Fpage%2FQSYS2.NETSTAT_INFO&data=02%7C01%7C%7Cb28ca1f048064296245b08d4f528ca35%7C40cc2915e2834a2794716bdd7ca4c6e1%7C1%7C0%7C636403002920226894&sdata=ow0OcKuD1BHxMtSVZzjfPlZ%2F%2B0Gl%2Fs3JEVL2EZIIRFw%3D&reserved=0
Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600 Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.dekko.com&data=02%7C01%7C%7Cb28ca1f048064296245b08d4f528ca35%7C40cc2915e2834a2794716bdd7ca4c6e1%7C1%7C0%7C636403002920226894&sdata=1BmsLdYfjIgg4I%2BHgRzqsA36UBDTNJufAXmnE0oEPJk%3D&reserved=0
From: "Steinmetz, Paul" <PSteinmetz@xxxxxxxxxx>
To: "'Midrange Systems Technical Discussion'"
<midrange-l@xxxxxxxxxxxx>
Date: 09/01/2017 03:30 PM
Subject: Need to find any/all connections to the i via host name
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx>
I need to find any/all connections to the I via host name.
We will be changing our host name to a different IP, and I would like to know which connections/processes could be impacted.
Thank You
_____
Paul Steinmetz
IBM i Systems Administrator
Pencor Services, Inc.
462 Delaware Ave
Palmerton Pa 18071
610-826-9117 work
610-826-9188 fax
610-349-0913 cell
610-377-6012 home
psteinmetz@xxxxxxxxxx
https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.pencor.com%2F&data=02%7C01%7C%7Cb28ca1f048064296245b08d4f528ca35%7C40cc2915e2834a2794716bdd7ca4c6e1%7C1%7C0%7C636403002920226894&sdata=SoHYcKvZo4%2Bab8XoBCqDUrF4D4KXWYJ%2F6yevyyFHHlQ%3D&reserved=0
As an Amazon Associate we earn from qualifying purchases.