There's inbound ports, and there's outbound ports. Inbound ports generally stay active unless you end the service. For example, ftp port 21 stays active unless I ENDTCPSVR SERVER(*FTP).
Outbound ports are a different animal and often can be quite random. For example if I ftp FROM this IBM i to another server might go out on port 9393 (this time, as tested).
I know that firewall/switch personnel like to lock down specific IP addresses and ports. Most of them understand ephemeral ports (like the port 9393 example above). Careful, as they will sometime track a weeks worth of usage and base their decision off of that. Which may cause issues when you only run certain stuff outside of that test period such as SNDPTFORD, SNDSRVRQS. Then there's also the case if your IBM i supports multiple IP addresses, like for multiple web sites, domino servers, H/A software routing, etc and some IP clients don't support "bind specific". For example, if I telnet from an lpar with multiple IP addresses which one am I coming from?
You can do a STRCMNTRC to capture some of this. And it will even generate a pcap file, loved by many a network technician. DMPCMNTRC CFGOBJ(LANLINSYS) CFGTYPE(*LIN) TOSTMF('/home/ROB/myfile.pcap') FORMAT(*PCAP)
I don't believe there are any ways to journal these through journals, qhst, etc.
See also: https://www.ibm.com/docs/en/i/7.5?topic=is-communication-services
------------------------------
Robert Berendt IBMChampion
------------------------------
Original Message:
Sent: Tue July 02, 2024 05:35 AM
From: Thomas Varkey
Subject: Checking for configured ports on IBMi
Hi,
Is there any way to check which ports have been configured for use on IBMi (but not currently active).
NETSTAT *CNN gives the "Active" ports at any point in time and CFGTCP , option 4 gives you any port restrictions.
However, I am looking for an easy way to find out "list of all ports which are configured but NOT CURRENTLY ACTIVE"
Any guidance would be appreciated. Thank you.
------------------------------
Thomas Varkey
------------------------------