SECTCP home | Easy400 | IBM i home
FTP settings
TELNET settings
Access-Reject Messages
HTTP logs

  page 1 out of 16 next page
key by Giovanni B. Perotti (Italy)
This documentation applies to SECTCP release dated February 1, 2019.
Always refer to this online document for the latest features.
The PDF version of this document may be obsolete.
SECTCP (secure TCP) is an IBM i public-source utility that may be used to control and restrain access to the following TCP servers:
  1. FTP

SECTCP adds an extra protection layer between a firewall (if you have one) and the OS/400 security. This extra layer is much more flexible than any firewall and can be easily controlled and changed as needed. Changes to SECTCP settings do not require restarting the FTP or the TELNET server.


If you are currently running SECTCP and you are willing to host a CGI application on an HTTP instance, then you may install a WEB interface for SECTCP.

Its name is WSECTCP.
This WEB interface makes SECTCP so easy that you would never go back to a 5250 session.
Go to this download page and install WSECTCP today.

Sample screens


If you already installed SECTCP and WSECTCP, you may then install also ESECTCP.

ESECTCP provides you with the names (country, region, city) and google maps of all the locations where undesired client IP addresses tried with no success to login to your FTP or TELNET server.
Read about ESECTCP.
Go to this download page to install ESECTCP.

Sample screens


SECTCPTEST is a small utility - authored by Helge Bichel, Denmark - that helps you in finding out if an IP address would be able to login via SECTCP to your IBMi TELNET and/or FTP servers.

  • Operating system release V5R2 or subsequent
  • ILE-RPG compiler
Installation procedure
  1. Signon to the IBM i with a class *SECOFR user profile
  3. From the Easy400 download page download file to your PC and unzip it
  4. Use FTP to copy PC file sectcp.sav to save file QGPL/SECTCP
    It will perform the following:
    1. creates a compile program in library SECTCP
    2. runs command SECTCP/COMPILE that creates the necessary modules and programs
    3. runs command SECTCP/INSTALL to complete the installation by
      • restoring directory /sectcp
      • creating and populating library SECTCPDATA with local files
      During the installation process will stop two times:
      • The first time, to ask the name of the user profile (SECTCP owner) authorized to change the SECTCP settings
      • The second time, to display the HTTP directives that you may install later on in an Apache HTTP instance of your choice. These directives allow to display the SECTCP documentation (the one you are currently reading. They are in the IFS stream file /sectcp/apache/httpdirectives.txt. If you like, you may press this to display them.
Note - To re-install SECTCP on a box without the ILE-RPG compiler:
  1. Save library SECTCP
  2. Restore library SECTCP on the other box
  3. On this other box:
    1. signon with a class *SECOFRE user profile
    2. run command SECTCP/INSTALL
Setting up SECTCP
To define the SECTCP settings, you must
  • signon with the user profile authorized for this operation during the installation process
  • enter command SECTCP/SECTCP .
You will then receive the following screen:
Figure 1 - No protections yet
(Please note that help text is available from any SECTCP screen)
next page