Defines a new entry or modifies an existing entry in the services
database.
The /FILE, /PORT, /PROCESS_NAME, and /USER_NAME qualifiers are
required when defining a new entry and optional when modifying an
existing one.
For changes to service parameters to take effect, you must
disable and reenable the service.
Related command: SHOW SERVICE
Format
SET [NO]SERVICE service
{ /FILE=startup_file
/PORT=n
/PROCESS_NAME=process
/USER_NAME=vms_user_account }
[ /ACCEPT=options ]
[ /ADDRESS=IP_address ]
[ /FLAGS=options ]
[ /LIMIT=n ]
[ /LOG_OPTIONS=options ]
[ /PROTOCOL=protocol=options ]
[ /REJECT=options ]
[ /RPC=values ]
[ /SEPARATOR=option ]
[ /SOCKET_OPTIONS=options ]
1 – Restrictions
You cannot modify the following fields in an existing entry:
o service
o /ADDRESS
o /PORT
o /PROCESS_NAME
o /PROTOCOL (except for the optional settings)
To make changes to these fields, use SET NOSERVICE to delete the
entry and then re-create the entry.
NOTE
There is no RCP service. RCP uses the RSH server process.
HP strongly suggests that, for the services provided by TCP/IP
Services, you do not use this command to reset the following:
o The required qualifiers
o The /FLAGS qualifier, except for the APPLICATION_PROXY and
CASE_INSENSITIVE options
Using SET NOSERVICE without either a specified service or
specified qualifiers deletes all entries for all services.
Requires write access to the directory with the services
database.
2 – Parameters
service
Required for SET SERVICE; optional for SET NOSERVICE.
Service you want to modify or enter into the services database.
To specify a lowercase or mixed-case service name, enclose it in
quotation marks. Service names are limited to 16 characters. Use
only the following characters in a service name:
o Uppercase and lowercase alphabetic characters
o Numerals
o Dollar sign ($)
o Underscore (_)
Do not define a service name equivalent to one of the TCP/IP
Services for OpenVMS components (for example, do not define
a service name BIND or TCPIP$BIND, or FTP). In addition, the
service name CUSTOMER_SERVICE is reserved by HP.
3 – Qualifiers
3.1 /ACCEPT
/ACCEPT {=[NO]HOSTS=(hosts) | =[NO]NETWORKS=(networks)}
Optional. Default: Offers the service to all hosts on all
networks.
o /ACCEPT=HOST=(host)
- Grants host or hosts access to the service.
- Denies access to all other hosts.
o /ACCEPT=NOHOST=host removes access to the service for a host
that previously gained access with /ACCEPT=HOST.
The following options are available:
Option Meaning
HOSTS=hosts Makes the service available to the specified
hosts.
Denies all other hosts access to the service.
Maximum is 32.
NOHOSTS=hosts Removes the specified hosts from the accept
list so they cannot gain access to the
service. You can specify a wildcard character
(*) in place of the hosts list to remove all
hosts from the accept list.
Maximum is 32.
NETWORKS=networks Makes the service available to the specified
networks. Denies access to the service to all
other networks.
Maximum is 16.
For each network, you can optionally specify
the network mask. The default network mask
equals network's class number. For example,
for the network 11.200.0.0., the default mask
is 255.0.0.0.
NONETWORKS[=networks]moves the specified networks from the
accept list so they cannot gain access to the
service. You can specify a wildcard character
(*) in place of the networks list to remove
all networks from the accept list.
Maximum is 16.
For each network, you can optionally specify
the network mask. The default net mask equals
network's class number. For example, for
network 11.200.0.0., the default mask is
255.0.0.0.
/ACCEPT=NONETWORKS=(net1_name,net2_address,net3:net3mask)
3.2 /ADDRESS
/ADDRESS=IP_address
Optional. Default: 0.0.0.0 (all local interfaces receive incoming
requests for the service).
If you have multiple Internet interfaces and, therefore, more
than one IP address, /ADDRESS specifies the particular address on
which incoming requests are received.
To define a service name more than once, use /ADDRESS with
different values for each instance. A reason to duplicate a
service name, for example, is that your local host has three
interfaces and you want to make a service available on two of
them. Each service/interface pair must be unique.
3.3 /FILE
/FILE=startup_file
Required if defining a new service entry; optional if modifying
an existing one.
Name of the service's startup command file.
3.4 /FLAGS
/FLAGS= {[NO]APPLICATION_PROXY | [NO]MULTITHREAD | [NO]PROXY |
[NO]CASE_INSENSITIVE}
Optional.
The flag options are:
o [NO]APPLICATION_PROXY. Default: NOAPPLICATION_PROXY.
The service does its own proxy checking. This allows
connections based on defined proxies.
Applies to: remote shell (RSH) and line printer daemon (LPD).
NOTE
The ROOT account does not require a communication proxy
in the proxy database. The setting of /FLAGS=APPLICATION_
PROXY flag is not relevant.
o [NO]MULTITHREAD. Default: NOMULTITHREAD.
While connecting a socket to a remote host and passing the
socket to the requested server, the auxiliary server continues
to listen for incoming requests.
o [NO]PROXY. Default: NOPROXY.
User account information is from the proxy database.
o [NO]CASE_INSENSITIVE. Default: CASE_INSENSITIVE.
Case sensitivity of the remote user name in the proxy
database.
Use with /PROXY.
3.5 /LIMIT
/LIMIT=n
Optional.
Maximum number of copies of the requested service allowed to run
on the system. If the maximum number is reached, any additional
requests for the service are rejected.
3.6 /LOG_OPTIONS
/LOG_OPTIONS=
[ [NO]ACCEPT ]
[ [NO]ACTIVATE ]
[ [NO]ADDRESS ]
[ [NO]ALL ]
[ [NO]CONNECT ]
[ [NO]DEACTIVATE ]
[ [NO]ERROR ]
[ [NO]EXIT_CLEANUP ]
[ [NO]LOGIN ]
[ [NO]LOGOUT ]
[ [NO]MODIFY ]
[ [NO]REJECT ]
Sets the specified logging options for the service you are
configuring.
The logging options have the following meanings:
Option Meaning
[NO]ACCEPT Message is logged when a request is accepted.
[NO]ACTIVATE Message is logged when the service is activated.
[NO]ADDRESS For auxiliary server messages and OpenVMS
security events, the message displays the
IP address as a host name. If host names are
not relevant, HP recommends that you specify
[NO]ADDRESS.
[NO]ALL Messages are logged for all events.
[NO]CONNECT Message is logged when the auxiliary server
issues a connect request back to the client.
The services that usually make this request (on
a second socket) are remote shell and remote
execute.
[NO]DEACTIVATE Message is logged when the service is being
deactivated.
[NO]ERROR Message is logged when an error is detected while
processing a request to the service.
[NO]EXIT_ Message is logged when the service fails to
CLEANUP complete startup (that is, the server did not
assign the BG device, with logical name SYS$NET,
or did not issue a C socket before exiting).
[NO]LOGIN Message is logged when a connected terminal
server accepts a remote login request.
[NO]LOGOUT Message is logged when a connected terminal
server terminates a connection.
[NO]MODIFY Message is logged when the active service is
being modified.
[NO]REJECT Message is logged when a request is rejected.
3.7 /PORT
/PORT=n
Required if defining a new service entry. Cannot be modified; use
SET NOSERVICE to delete the entry and then re-create the entry
with the modification you want to make.
Port number that the service will use. Specify a number from 1 to
65535.
3.8 /PROCESS_NAME
/PROCESS_NAME=process
Required if defining a new service entry. Cannot be modified (use
SET NOSERVICE to delete the entry and then re-create the entry
with the modification you want to make).
Name of the service's process.
Specify a character string up to 15 characters long. The name is
truncated to 15 characters if it exceeds that limit.
3.9 /PROTOCOL
/PROTOCOL=protocol [=options]
Optional. Default: TCP.
Protocol, and its parameters, that the service will use. To set
these parameters, use the following options:
Protocol Option Meaning
IP TYPE_OF_SERVICE=n Type of service, expressed as a
value between 0 and 255.
TIME_TO_LIVE=n Maximum number of hops that packets
can traverse before being dropped.
TCP [NO]DELAY Delays sending packets, allowing
(stream multiple packets to be combined
socket into a single larger packet before
type) transmission.
Default: DELAY.
DROP_COUNT=n TCP connection-request timeout
interval for the service.
Maximum number of seconds to probe
for idle TCP connections before
such a connection times out and
closes.
PROBE_ Number of seconds between probes
TIMER=seconds for idle connections.
UDP None Datagram socket type.
3.10 /REJECT
/REJECT {=[NO]HOSTS=(hosts) |=[NO]NETWORKS=(networks)
|=[NO]MESSAGE="text"] }
Optional. Default: No rejections if /ACCEPT is set to its default
(service all hosts).
o /REJECT=HOST=host denies host access to the service.
o /REJECT=NOHOST=host regrants host access to the service.
The following options are available.
Option Meaning
HOSTS=hosts Makes the service unavailable to the specified
hosts.
Maximum is 32.
Examples:
/REJECT=HOSTS=(host1_name,host2_name, host3_
address)
/REJECT=HOSTS=*
NOHOSTS=hosts Removes the specified hosts from the reject
list. You can use the wildcard character (*)
in place of the hosts list to remove all hosts
from the reject list.
Maximum is 32.
Examples:
/REJECT=NOHOSTS=(host1_name,host2_name,host3_
address)
/REJECT=NOHOSTS=*
NETWORKS=networks Makes the service unavailable to the hosts on
the specified networks.
Maximum is 16.
For each network, you can optionally specify
the network mask. The default net mask equals
network's class number. For example, for
network 11.200.0.0., the default mask is
255.0.0.0.
Example:
/REJECT=NETWORKS=(net1_name,net2_address,
net3:net3mask)
NONETWORKS[=networks]moves the specified networks from the reject
list. You can use the wildcard character (*)
in place of the networks list to remove all
networks from the reject list.
Maximum is 16.
For each network, you can optionally specify
the network mask. The default net mask equals
network's class number. For example, for
network 11.200.0.0., the default mask is
255.0.0.0.
Example:
/REJECT=NONETWORKS=(net1_name,net2_address,
net3:net3mask)
[NO]MESSAGE=text Message sent to "reject-list" clients when
NOMESSAGE TCP/IP Services rejects their request for the
service.
Optional.
Specify a character string up to 63
characters.
Enclose the string in quotation marks.
Use this option only for a service whose
clients require and support reject messages.
Messages are sent with a carriage return/line
feed at the end.
For RLOGIN, RSH, and REXEC, this message is
preceded by a byte with a value of 1 and is
terminated with a byte with a value of 0.
/REJECT=NOMESSAGE deletes the stored message
text.
3.11 /RPC
/RPC=(PROGRAM_NUMBER=n, VERSION_NUMBER=(LOW=n, HIGH=n))
Required for services that use the Portmapper; otherwise, not
valid. Defaults:
Program Highest
Service Number Version Lowest Version
MOUNT 100005 1 1
NFS server 100003 2 2
PCNFS 150001 1 2
PORTMAPPER 100000 1 1
Information that identifies the service to the Portmapper. Use
this qualifier for all applications that use RPCs.
3.12 /SEPARATOR
/SEPARATOR=option=character
Optional. Default: 0 (null).
Character that separates the following fields in received
packets:
o PORT=character
o USER_NAME=character
o PASSWORD=character
o COMMAND=character
3.13 /SOCKET_OPTIONS
/SOCKET_OPTIONS=(options)
Optional.
The following socket options are available.
Option Description Default
BROADCAST Sockets Null character (hexadecimal 00)
are UDP
NOBROADCAST broadcast.
Sockets
are not UDP
broadcast.
KEEPALIVE Sockets Null character (hexadecimal 00)
are TCP
NOKEEPALIVE keepalive.
Sockets
are not TCP
keepalive.
RECEIVE Receive Null character (hexadecimal 00)
socket quota.
SEND Send socket Null character (hexadecimal 00)
quota.
3.14 /USER_NAME
/USER_NAME=vms_user_account
Required if defining a new service entry; optional if modifying
an existing service.
OpenVMS account information for users working on client systems.
Required for a user to access the service.
The user must also be defined in the system user authorization
file (SYSUAF.DAT).
4 – Examples
1.TCPIP> SET SERVICE TOE /USER_NAME=LITTLE_PIGGY -
_TCPIP> /PROCESS_NAME=TOEd /PORT=1050 /PROTOCOL=UDP -
_TCPIP> /FILE=SYS$COMMON:[SYSMGR]TOE_STARTUP.COM
Modifies the service TOE to implement UDP on port 1050. This
service has the OpenVMS process context of user LITTLE_PIGGY.
After you issue a SET SERVICE TOE command, the auxiliary server
executes TOE_STARTUP.COM when a request arrives for service
TOE.
2.TCPIP> SET SERVICE LPD -
_TCPIP> /REJECT=NETWORK=(11.30.0.0:255.255.0.0,11.40.0.0)
Sets the LPD service to be inaccessible to the two specified
networks.
3.TCPIP> SET SERVICE RSH /FLAGS=(PROXY,CASE_INSENSITIVE)
Sets the proxy and case-sensitivity flags for the RSH service.