This documentation applies to SECTCP release dated 2017-06-22.
Always refer to this online document for the latest features.
The PDF version of this document may be obsolete.
SECTCP (secure TCP) is an IBM i public-source utility
that may be used to control and restrain access to the following TCP servers:
SECTCP adds an extra protection layer between a firewall (if you have one) and the OS/400 security.
This extra layer is much more flexible than any firewall and can be easily controlled and changed as needed.
Changes to SECTCP settings do not require restarting the FTP or the TELNET server.
Operating system release V5R2 or subsequent
If you are currently running SECTCP and you are willing to host a CGI application on an HTTP instance,
then you may install a WEB interface for SECTCP.
Its name is WSECTCP.
This WEB interface makes SECTCP so easy that you would never go back to a 5250 session.
Go to the download page and install WSECTCP today.
Signon to the IBM i with a class *SECOFR user profile
STRREXPRC SRCMBR(INSTALL) SRCFILE(SECTCP/QREXSRC)
It will perform the following:
creates a compile program in library SECTCP
runs command SECTCP/COMPILE that creates the necessary modules and programs
runs command SECTCP/INSTALL to complete the installation by
restoring directory /sectcp
creating and populating library SECTCPDATA with local files
During the installation process will stop two times:
The first time, to ask the name of the user profile (SECTCP owner) authorized to change the SECTCP settings
The second time, to display the HTTP directives that you may install later on in an
Apache HTTP instance of your choice.
These directives allow to display the SECTCP documentation
(the one you are currently reading. They are in the IFS stream file
If you like, you may press this
to display them.
Note - To re-install SECTCP on a box without the ILE-RPG compiler:
Save library SECTCP
Restore library SECTCP on the other box
On this other box:
signon with a class *SECOFRE user profile
run command SECTCP/INSTALL
Setting up SECTCP
To define the SECTCP settings, you must
signon with the user profile authorized for this operation during the installation process
enter command SECTCP/SECTCP .
You will then receive the following screen:
Figure 1 - No protections yet
(Please note that help text is available from any SECTCP screen)