本文详细记录了SAProuter在服务器环境下的安装步骤,包括环境变量配置、证书申请、凭证导入、SAProuter脚本编写及服务端口定义等关键操作。
1.服务器环境
|
[root@saprouter02 saprouter]# free -h total used free shared buff/cache available Mem: 7.6G 187M 7.2G 8.8M 240M 7.2G Swap: 7.9G 0B 7.9G [root@saprouter02 saprouter]# lscpu Architecture: x86_64 CPU op-mode(s): 32-bit, 64-bit Byte Order: Little Endian CPU(s): 8 On-line CPU(s) list: 0-7 Thread(s) per core: 1 Core(s) per socket: 4 Socket(s): 2 NUMA node(s): 1 Vendor ID: GenuineIntel CPU family: 6 Model: 37 Model name: Intel(R) Xeon(R) CPU E5-2650 v4 @ 2.20GHz Stepping: 1 CPU MHz: 2199.998 BogoMIPS: 4399.99 Hypervisor vendor: VMware Virtualization type: full L1d cache: 32K L1i cache: 32K L2 cache: 256K L3 cache: 30720K NUMA node0 CPU(s): 0-7 Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc pni pclmulqdq ssse3 cx16 sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes hypervisor lahf_lm tsc_adjust ibpb ibrs stibp arat spec_ctrl intel_stibp arch_capabilities[root@saprouter02 saprouter]# df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/centos-root 50G 1.1G 49G 3% / devtmpfs 3.9G 0 3.9G 0% /dev tmpfs 3.9G 0 3.9G 0% /dev/shm tmpfs 3.9G 8.8M 3.9G 1% /run tmpfs 3.9G 0 3.9G 0% /sys/fs/cgroup /dev/sda1 1014M 142M 873M 14% /boot /dev/mapper/centos-usr_sap 92G 33M 92G 1% /usr/sap tmpfs 783M 0 783M 0% /run/user/0 |
2.将安装文件上传到服务器中
3.创建安装目录
|
[root@saprouter02 saprouterinst]# mkdir /usr/sap/saprouter [root@saprouter02 saprouterinst]# cd /usr/sap/saprouter/ [root@saprouter02 saprouter]# pwd /usr/sap/saprouter |
4.配置环境变量
|
[root@saprouter02 saprouter]# echo $SHELL /bin/bash [root@saprouter02 saprouter]# vi /etc/profile //加入以下两句 export SECUDIR=/usr/sap/saprouter/ export SNC_LIB=/usr/sap/saprouter/libsapcrypto.so
[root@saprouter02 saprouter]# source /etc/profile |
5.新建安装目录,copy文件
|
[root@saprouter02 saprouter]# pwd /usr/sap/saprouter [root@saprouter02 saprouter]# ll total 8856 -rwxr-xr-x. 1 root root 5472350 Dec 16 01:06 libsapcrypto.so -rwxr-xr-x. 1 root root 499679 Dec 16 01:06 libslcryptokernel.so -rwxr-xr-x. 1 root root 166 Dec 16 01:06 libslcryptokernel.so.sha256 -rwxr-xr-x. 1 root root 1341659 Dec 16 01:07 niping -rwxr-xr-x. 1 root root 295 Dec 16 01:07 patches.mf -rwxr-xr-x. 1 root root 102 Dec 16 01:06 sapcrypto.lst -rwxr-xr-x. 1 root root 257 Dec 16 01:06 sapcrypto.mf -rwxr-xr-x. 1 root root 38098 Dec 16 01:06 sapgenpse -rwxr-xr-x. 1 root root 1688597 Dec 16 01:07 saprouter |
6.联系SAP,在SAP官网创建saprouter信息
发message
7.在本地服务器找那个创建相关信息
|
[root@saprouter02 saprouter]# ./sapgenpse get_pse -v -a sha256WithRsaEncryption -s 2048 -noreq -p local.pse -x Deli2 019, "CN=saprouter02, OU=0001706753, OU=SAProuter, O=SAP, C=DE" Got absolute PSE path "/usr/sap/saprouter/local.pse". Supplied distinguished name: "CN=saprouter02, OU=0001706753, OU=SAProuter, O=SAP, C=DE" Creating PSE with format v2 (default) succeeded. certificate creation... ok PSE update... ok PKRoot... ok [root@saprouter02 saprouter]# ./sapgenpse get_pse -v -onlyreq -r certreq -p local.pse -x Deli2019, Opening PSE "/usr/sap/saprouter/local.pse"... No SSO credentials found for this PSE. PSE (v2) open ok. Generating certificate request... ok. Certificate Request: Signed Part: Subject: CN=saprouter02, OU=0001706753, OU=SAProuter, O=SAP, C=DE Key: rsaEncryption (2048 bits) Attributes: None Signature: Signature algorithm: sha256WithRsaEncryption (1.2.840.113549.1.1.11) Signature: <Not displayed> |
8.在SAP官网上生成凭证
|
[root@saprouter02 saprouter]# ll total 8864 -rw-r--r--. 1 root root 985 Dec 16 01:20 certreq -rwxr-xr-x. 1 root root 5472350 Dec 16 01:06 libsapcrypto.so -rwxr-xr-x. 1 root root 499679 Dec 16 01:06 libslcryptokernel.so -rwxr-xr-x. 1 root root 166 Dec 16 01:06 libslcryptokernel.so.sha256 -rw-------. 1 root root 2055 Dec 16 01:19 local.pse -rwxr-xr-x. 1 root root 1341659 Dec 16 01:07 niping -rwxr-xr-x. 1 root root 295 Dec 16 01:07 patches.mf -rwxr-xr-x. 1 root root 102 Dec 16 01:06 sapcrypto.lst -rwxr-xr-x. 1 root root 257 Dec 16 01:06 sapcrypto.mf -rwxr-xr-x. 1 root root 38098 Dec 16 01:06 sapgenpse -rwxr-xr-x. 1 root root 1688597 Dec 16 01:07 saprouter [root@saprouter02 saprouter]# cat certreq -----BEGIN CERTIFICATE REQUEST----- MIICnzCCAYcCAQAwWjELMAkGA1UEBhMCREUxDDAKBgNVBAoTA1NBUDESMBAGA1UE CxMJU0FQcm91dGVyMRMwEQYDVQQLEwowMDAxNzA2NzUzMRQwEgYDVQQDEwtzYXBy b3V0ZXIwMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANCL1F09l97l /8HTx+WIry3UPK8H0EodIlwOn4c4PALYL+/kcD9EeeQ77/zaUTytUoZZrqD0lZvx uuRmUlQEsPnrZXOKauFHlY6b6wMKJ/r/WNneER7VdcFQrd3Yp5cNXBcLPKij0fSR qvXUpbjcVVfURUg8H9KtqmfgpZn61liLp/2eyTSUE97BGpdA/01ndiuFm56lsQyQ RVJvQtE73MQOWyYXFccv3Ufe2pTpBsdBhPKeA6YTzg21uRiN7LgNQnXV7rGvI9CD 5YOBlQ7pbknn5Xiz4YFofYl+B2FsBkPJ9v2/Fojnt5dz4Zi9QSFn4b/NCp3pPFdK aNAcvC95r5UCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQDGEyTrRB1NmI0W2H95 VPFSbnq+IXgxaKDZYEaxjPF759leqmgw08oADrSH10gfpGc1xbiuDyUHuYbOxjNw kuH1M2WHg4Jlp1eMpygn4Qq3g0IKTqlcxNRTzYZNVuKKey63TsqoQr0YCgvC6FSu n4hDPB08gm/0gRgzAtT3j4NYcy5y8Vmeqzk6ASR8rgQx430KmpGKYtfesXYb3tLw EDw6InizCAvM/ZYat7mDwQUQXvJHA+EVzX3Zs1mCV8YW0DLIX/1QLQwkdhvRX/Tl 3Fsz+wg6u527ejM32djy0PtFHFj+Pk5N9MkAlK+xCG+aLkUzFetRocORleytgaYM XOk/ -----END CERTIFICATE REQUEST----- You have new mail in /var/spool/mail/root |
9.导入凭证
|
[root@saprouter02 saprouter]# vi srcert //将上图中的信息复制到该文件中 [root@saprouter02 saprouter]# ./sapgenpse import_own_cert -c srcert -p local.pse -x Deli2019, CA-Response successfully imported into PSE "/usr/sap/saprouter/local.pse"
[root@saprouter02 saprouter]# ./sapgenpse import_own_cert -c srcert -p local.pse -x Deli2019, CA-Response successfully imported into PSE "/usr/sap/saprouter/local.pse"
[root@saprouter02 saprouter]# ./sapgenpse seclogin -p local.pse -x Deli2019, -O root running seclogin with USER="root" creating credentials for yourself (USER="root")... Added SSO-credentials for PSE "/usr/sap/saprouter/local.pse"
You have new mail in /var/spool/mail/root [root@saprouter02 saprouter]# ./sapgenpse get_my_name -v -n Issuer Opening PSE "/usr/sap/saprouter/local.pse"... PSE (v2) open ok. Retrieving my certificate... ok. Getting requested information... ok. SSO for USER "root" with PSE file "/usr/sap/saprouter/local.pse"
Issuer : CN=SAProuter CA, OU=SAProuter, O=SAP Trust Community II, C=DE
[root@saprouter02 saprouter]# ./sapgenpse get_my_name -v -n Issuer Opening PSE "/usr/sap/saprouter/local.pse"... PSE (v2) open ok. Retrieving my certificate... ok. Getting requested information... ok. SSO for USER "root" with PSE file "/usr/sap/saprouter/local.pse"
Issuer : CN=SAProuter CA, OU=SAProuter, O=SAP Trust Community II, C=DE
You have new mail in /var/spool/mail/root [root@saprouter02 saprouter]# ./sapgenpse get_my_name -n validity SSO for USER "root" with PSE file "/usr/sap/saprouter/local.pse"
Validity - NotBefore: Mon Dec 16 00:27:56 2019 (191216052756Z) NotAfter : Tue Dec 15 00:27:56 2020 (201215052756Z) |
10.新建saproutab
|
[root@saprouter02 saprouter]# vi saproutab [root@saprouter02 saprouter]# cat saproutab #SNC connection to and from SAP KT "p:CN=sapserv9, OU=SAProuter, O=SAP, C=DE" 169.145.197.110 * # SNC connection to local system for R/3-Support # R/3 Server: 192.168.112.86 # R/3 Instance: 00 KP "p:CN=sapserv9, OU=SAProuter, O=SAP, C=DE" 192.168.112.86 3200 # SNC connection to local WINDOWS system for WTS, if applicable # Windows server: 192.168.1.2 # Default WTS port: 3389 KP "p:CN=sapserv9, OU=SAProuter, O=SAP, C=DE" 192.168.112.86 3389 # SNC connection to local UNIX system for SAPtelnet, if applicable # UNIX server: 192.168.1.3 # Default Telnet port: 23 KP "p:CN=sapserv9, OU=SAProuter, O=SAP, C=DE" 192.168.112.86 23 # SNC connection to local Portal system for URL access, if applicable # Portal server: myserver.mydomain # Port number: 50003 KP "p:CN=sapserv9, OU=SAProuter, O=SAP, C=DE" myserver.mydomain 50003 # Access from local network to SAP P * * * # deny all other connections D * * * [root@saprouter02 saprouter]# chmod 750 saproutab [root@saprouter02 saprouter]# ll total 8880 -rw-r--r--. 1 root root 985 Dec 16 01:20 certreq -rw-r--r--. 1 root root 115 Dec 16 01:30 cred_v2 -rwxr-xr-x. 1 root root 5472350 Dec 16 01:06 libsapcrypto.so -rwxr-xr-x. 1 root root 499679 Dec 16 01:06 libslcryptokernel.so -rwxr-xr-x. 1 root root 166 Dec 16 01:06 libslcryptokernel.so.sha256 -rw-------. 1 root root 3319 Dec 16 01:28 local.pse -rwxr-xr-x. 1 root root 1341659 Dec 16 01:07 niping -rwxr-xr-x. 1 root root 295 Dec 16 01:07 patches.mf -rwxr-xr-x. 1 root root 102 Dec 16 01:06 sapcrypto.lst -rwxr-xr-x. 1 root root 257 Dec 16 01:06 sapcrypto.mf -rwxr-xr-x. 1 root root 38098 Dec 16 01:06 sapgenpse -rwxr-x---. 1 root root 910 Dec 16 01:37 saproutab -rwxr-xr-x. 1 root root 1688597 Dec 16 01:07 saprouter -rwxr-xr-x. 1 root root 150 Dec 16 01:36 saprouter.sh -rw-r--r--. 1 root root 2679 Dec 16 01:28 srcert |
11.维护/etc/services文件,新增以下内容
|
sapdp00 3200/tcp sapdp01 3201/tcp sapdp02 3202/tcp sapdp03 3203/tcp sapdp04 3204/tcp sapdp05 3205/tcp sapdp06 3206/tcp sapdp07 3207/tcp sapdp08 3208/tcp sapdp09 3209/tcp sapdp10 3210/tcp sapdp11 3211/tcp sapdp12 3212/tcp sapdp13 3213/tcp sapdp14 3214/tcp sapdp15 3215/tcp sapdp16 3216/tcp sapdp17 3217/tcp sapdp18 3218/tcp sapdp19 3219/tcp sapdp20 3220/tcp sapdp21 3221/tcp sapdp22 3222/tcp sapdp23 3223/tcp sapdp24 3224/tcp sapdp25 3225/tcp sapdp26 3226/tcp sapdp27 3227/tcp sapdp28 3228/tcp sapdp29 3229/tcp sapdp30 3230/tcp sapdp31 3231/tcp sapdp32 3232/tcp sapdp33 3233/tcp sapdp34 3234/tcp sapdp35 3235/tcp sapdp36 3236/tcp sapdp37 3237/tcp sapdp38 3238/tcp sapdp39 3239/tcp sapdp40 3240/tcp sapdp41 3241/tcp sapdp42 3242/tcp sapdp43 3243/tcp sapdp44 3244/tcp sapdp45 3245/tcp sapdp46 3246/tcp sapdp47 3247/tcp sapdp48 3248/tcp sapdp49 3249/tcp sapdp50 3250/tcp sapdp51 3251/tcp sapdp52 3252/tcp sapdp53 3253/tcp sapdp54 3254/tcp sapdp55 3255/tcp sapdp56 3256/tcp sapdp57 3257/tcp sapdp58 3258/tcp sapdp59 3259/tcp sapdp60 3260/tcp sapdp61 3261/tcp sapdp62 3262/tcp sapdp63 3263/tcp sapdp64 3264/tcp sapdp65 3265/tcp sapdp66 3266/tcp sapdp67 3267/tcp sapdp68 3268/tcp sapdp69 3269/tcp sapdp70 3270/tcp sapdp71 3271/tcp sapdp72 3272/tcp sapdp73 3273/tcp sapdp74 3274/tcp sapdp75 3275/tcp sapdp76 3276/tcp sapdp77 3277/tcp sapdp78 3278/tcp sapdp79 3279/tcp sapdp80 3280/tcp sapdp81 3281/tcp sapdp82 3282/tcp sapdp83 3283/tcp sapdp84 3284/tcp sapdp85 3285/tcp sapdp86 3286/tcp sapdp87 3287/tcp sapdp88 3288/tcp sapdp89 3289/tcp sapdp90 3290/tcp sapdp91 3291/tcp sapdp92 3292/tcp sapdp93 3293/tcp sapdp94 3294/tcp sapdp95 3295/tcp sapdp96 3296/tcp sapdp97 3297/tcp sapdp98 3298/tcp sapdp99 3299/tcp sapgw00 3300/tcp sapgw01 3301/tcp sapgw02 3302/tcp sapgw03 3303/tcp sapgw04 3304/tcp sapgw05 3305/tcp sapgw06 3306/tcp sapgw07 3307/tcp sapgw08 3308/tcp sapgw09 3309/tcp sapgw10 3310/tcp sapgw11 3311/tcp sapgw12 3312/tcp sapgw13 3313/tcp sapgw14 3314/tcp sapgw15 3315/tcp sapgw16 3316/tcp sapgw17 3317/tcp sapgw18 3318/tcp sapgw19 3319/tcp sapgw20 3320/tcp sapgw21 3321/tcp sapgw22 3322/tcp sapgw23 3323/tcp sapgw24 3324/tcp sapgw25 3325/tcp sapgw26 3326/tcp sapgw27 3327/tcp sapgw28 3328/tcp sapgw29 3329/tcp sapgw30 3330/tcp sapgw31 3331/tcp sapgw32 3332/tcp sapgw33 3333/tcp sapgw34 3334/tcp sapgw35 3335/tcp sapgw36 3336/tcp sapgw37 3337/tcp sapgw38 3338/tcp sapgw39 3339/tcp sapgw40 3340/tcp sapgw41 3341/tcp sapgw42 3342/tcp sapgw43 3343/tcp sapgw44 3344/tcp sapgw45 3345/tcp sapgw46 3346/tcp sapgw47 3347/tcp sapgw48 3348/tcp sapgw49 3349/tcp sapgw50 3350/tcp sapgw51 3351/tcp sapgw52 3352/tcp sapgw53 3353/tcp sapgw54 3354/tcp sapgw55 3355/tcp sapgw56 3356/tcp sapgw57 3357/tcp sapgw58 3358/tcp sapgw59 3359/tcp sapgw60 3360/tcp sapgw61 3361/tcp sapgw62 3362/tcp sapgw63 3363/tcp sapgw64 3364/tcp sapgw65 3365/tcp sapgw66 3366/tcp sapgw67 3367/tcp sapgw68 3368/tcp sapgw69 3369/tcp sapgw70 3370/tcp sapgw71 3371/tcp sapgw72 3372/tcp sapgw73 3373/tcp sapgw74 3374/tcp sapgw75 3375/tcp sapgw76 3376/tcp sapgw77 3377/tcp sapgw78 3378/tcp sapgw79 3379/tcp sapgw80 3380/tcp sapgw81 3381/tcp sapgw82 3382/tcp sapgw83 3383/tcp sapgw84 3384/tcp sapgw85 3385/tcp sapgw86 3386/tcp sapgw87 3387/tcp sapgw88 3388/tcp sapgw89 3389/tcp sapgw90 3390/tcp sapgw91 3391/tcp sapgw92 3392/tcp sapgw93 3393/tcp sapgw94 3394/tcp sapgw95 3395/tcp sapgw96 3396/tcp sapgw97 3397/tcp sapgw98 3398/tcp sapgw99 3399/tcp sapmsEP1 3600/tcp sapmsWMP 3600/tcp
sapdp00s 4700/tcp # SAP System Dispatcher Security Port sapdp01s 4701/tcp # SAP System Dispatcher Security Port sapdp02s 4702/tcp # SAP System Dispatcher Security Port sapdp03s 4703/tcp # SAP System Dispatcher Security Port sapdp04s 4704/tcp # SAP System Dispatcher Security Port sapdp05s 4705/tcp # SAP System Dispatcher Security Port sapdp06s 4706/tcp # SAP System Dispatcher Security Port sapdp07s 4707/tcp # SAP System Dispatcher Security Port sapdp08s 4708/tcp # SAP System Dispatcher Security Port sapdp09s 4709/tcp # SAP System Dispatcher Security Port sapdp10s 4710/tcp # SAP System Dispatcher Security Port sapdp11s 4711/tcp # SAP System Dispatcher Security Port sapdp12s 4712/tcp # SAP System Dispatcher Security Port sapdp13s 4713/tcp # SAP System Dispatcher Security Port sapdp14s 4714/tcp # SAP System Dispatcher Security Port sapdp15s 4715/tcp # SAP System Dispatcher Security Port sapdp16s 4716/tcp # SAP System Dispatcher Security Port sapdp17s 4717/tcp # SAP System Dispatcher Security Port sapdp18s 4718/tcp # SAP System Dispatcher Security Port sapdp19s 4719/tcp # SAP System Dispatcher Security Port sapdp20s 4720/tcp # SAP System Dispatcher Security Port sapdp21s 4721/tcp # SAP System Dispatcher Security Port sapdp22s 4722/tcp # SAP System Dispatcher Security Port sapdp23s 4723/tcp # SAP System Dispatcher Security Port sapdp24s 4724/tcp # SAP System Dispatcher Security Port sapdp25s 4725/tcp # SAP System Dispatcher Security Port sapdp26s 4726/tcp # SAP System Dispatcher Security Port sapdp27s 4727/tcp # SAP System Dispatcher Security Port sapdp28s 4728/tcp # SAP System Dispatcher Security Port sapdp29s 4729/tcp # SAP System Dispatcher Security Port sapdp30s 4730/tcp # SAP System Dispatcher Security Port sapdp31s 4731/tcp # SAP System Dispatcher Security Port sapdp32s 4732/tcp # SAP System Dispatcher Security Port sapdp33s 4733/tcp # SAP System Dispatcher Security Port sapdp34s 4734/tcp # SAP System Dispatcher Security Port sapdp35s 4735/tcp # SAP System Dispatcher Security Port sapdp36s 4736/tcp # SAP System Dispatcher Security Port sapdp37s 4737/tcp # SAP System Dispatcher Security Port sapdp38s 4738/tcp # SAP System Dispatcher Security Port sapdp39s 4739/tcp # SAP System Dispatcher Security Port sapdp40s 4740/tcp # SAP System Dispatcher Security Port sapdp41s 4741/tcp # SAP System Dispatcher Security Port sapdp42s 4742/tcp # SAP System Dispatcher Security Port sapdp43s 4743/tcp # SAP System Dispatcher Security Port sapdp44s 4744/tcp # SAP System Dispatcher Security Port sapdp45s 4745/tcp # SAP System Dispatcher Security Port sapdp46s 4746/tcp # SAP System Dispatcher Security Port sapdp47s 4747/tcp # SAP System Dispatcher Security Port sapdp48s 4748/tcp # SAP System Dispatcher Security Port sapdp49s 4749/tcp # SAP System Dispatcher Security Port sapdp50s 4750/tcp # SAP System Dispatcher Security Port sapdp51s 4751/tcp # SAP System Dispatcher Security Port sapdp52s 4752/tcp # SAP System Dispatcher Security Port sapdp53s 4753/tcp # SAP System Dispatcher Security Port sapdp54s 4754/tcp # SAP System Dispatcher Security Port sapdp55s 4755/tcp # SAP System Dispatcher Security Port sapdp56s 4756/tcp # SAP System Dispatcher Security Port sapdp57s 4757/tcp # SAP System Dispatcher Security Port sapdp58s 4758/tcp # SAP System Dispatcher Security Port sapdp59s 4759/tcp # SAP System Dispatcher Security Port sapdp60s 4760/tcp # SAP System Dispatcher Security Port sapdp61s 4761/tcp # SAP System Dispatcher Security Port sapdp62s 4762/tcp # SAP System Dispatcher Security Port sapdp63s 4763/tcp # SAP System Dispatcher Security Port sapdp64s 4764/tcp # SAP System Dispatcher Security Port sapdp65s 4765/tcp # SAP System Dispatcher Security Port sapdp66s 4766/tcp # SAP System Dispatcher Security Port sapdp67s 4767/tcp # SAP System Dispatcher Security Port sapdp68s 4768/tcp # SAP System Dispatcher Security Port sapdp69s 4769/tcp # SAP System Dispatcher Security Port sapdp70s 4770/tcp # SAP System Dispatcher Security Port sapdp71s 4771/tcp # SAP System Dispatcher Security Port sapdp72s 4772/tcp # SAP System Dispatcher Security Port sapdp73s 4773/tcp # SAP System Dispatcher Security Port sapdp74s 4774/tcp # SAP System Dispatcher Security Port sapdp75s 4775/tcp # SAP System Dispatcher Security Port sapdp76s 4776/tcp # SAP System Dispatcher Security Port sapdp77s 4777/tcp # SAP System Dispatcher Security Port sapdp78s 4778/tcp # SAP System Dispatcher Security Port sapdp79s 4779/tcp # SAP System Dispatcher Security Port sapdp80s 4780/tcp # SAP System Dispatcher Security Port sapdp81s 4781/tcp # SAP System Dispatcher Security Port sapdp82s 4782/tcp # SAP System Dispatcher Security Port sapdp83s 4783/tcp # SAP System Dispatcher Security Port sapdp84s 4784/tcp # SAP System Dispatcher Security Port sapdp85s 4785/tcp # SAP System Dispatcher Security Port sapdp86s 4786/tcp # SAP System Dispatcher Security Port sapdp87s 4787/tcp # SAP System Dispatcher Security Port sapdp88s 4788/tcp # SAP System Dispatcher Security Port sapdp89s 4789/tcp # SAP System Dispatcher Security Port sapdp90s 4790/tcp # SAP System Dispatcher Security Port sapdp91s 4791/tcp # SAP System Dispatcher Security Port sapdp92s 4792/tcp # SAP System Dispatcher Security Port sapdp93s 4793/tcp # SAP System Dispatcher Security Port sapdp94s 4794/tcp # SAP System Dispatcher Security Port sapdp95s 4795/tcp # SAP System Dispatcher Security Port sapdp96s 4796/tcp # SAP System Dispatcher Security Port sapdp97s 4797/tcp # SAP System Dispatcher Security Port sapdp98s 4798/tcp # SAP System Dispatcher Security Port sapdp99s 4799/tcp # SAP System Dispatcher Security Port sapgw00s 4800/tcp # SAP System Gateway Security Port sapgw01s 4801/tcp # SAP System Gateway Security Port sapgw02s 4802/tcp # SAP System Gateway Security Port sapgw03s 4803/tcp # SAP System Gateway Security Port sapgw04s 4804/tcp # SAP System Gateway Security Port sapgw05s 4805/tcp # SAP System Gateway Security Port sapgw06s 4806/tcp # SAP System Gateway Security Port sapgw07s 4807/tcp # SAP System Gateway Security Port sapgw08s 4808/tcp # SAP System Gateway Security Port sapgw09s 4809/tcp # SAP System Gateway Security Port sapgw10s 4810/tcp # SAP System Gateway Security Port sapgw11s 4811/tcp # SAP System Gateway Security Port sapgw12s 4812/tcp # SAP System Gateway Security Port sapgw13s 4813/tcp # SAP System Gateway Security Port sapgw14s 4814/tcp # SAP System Gateway Security Port sapgw15s 4815/tcp # SAP System Gateway Security Port sapgw16s 4816/tcp # SAP System Gateway Security Port sapgw17s 4817/tcp # SAP System Gateway Security Port sapgw18s 4818/tcp # SAP System Gateway Security Port sapgw19s 4819/tcp # SAP System Gateway Security Port sapgw20s 4820/tcp # SAP System Gateway Security Port sapgw21s 4821/tcp # SAP System Gateway Security Port sapgw22s 4822/tcp # SAP System Gateway Security Port sapgw23s 4823/tcp # SAP System Gateway Security Port sapgw24s 4824/tcp # SAP System Gateway Security Port sapgw25s 4825/tcp # SAP System Gateway Security Port sapgw26s 4826/tcp # SAP System Gateway Security Port sapgw27s 4827/tcp # SAP System Gateway Security Port sapgw28s 4828/tcp # SAP System Gateway Security Port sapgw29s 4829/tcp # SAP System Gateway Security Port sapgw30s 4830/tcp # SAP System Gateway Security Port sapgw31s 4831/tcp # SAP System Gateway Security Port sapgw32s 4832/tcp # SAP System Gateway Security Port sapgw33s 4833/tcp # SAP System Gateway Security Port sapgw34s 4834/tcp # SAP System Gateway Security Port sapgw35s 4835/tcp # SAP System Gateway Security Port sapgw36s 4836/tcp # SAP System Gateway Security Port sapgw37s 4837/tcp # SAP System Gateway Security Port sapgw38s 4838/tcp # SAP System Gateway Security Port sapgw39s 4839/tcp # SAP System Gateway Security Port sapgw40s 4840/tcp # SAP System Gateway Security Port sapgw41s 4841/tcp # SAP System Gateway Security Port sapgw42s 4842/tcp # SAP System Gateway Security Port sapgw43s 4843/tcp # SAP System Gateway Security Port sapgw44s 4844/tcp # SAP System Gateway Security Port sapgw45s 4845/tcp # SAP System Gateway Security Port sapgw46s 4846/tcp # SAP System Gateway Security Port sapgw47s 4847/tcp # SAP System Gateway Security Port sapgw48s 4848/tcp # SAP System Gateway Security Port sapgw49s 4849/tcp # SAP System Gateway Security Port sapgw50s 4850/tcp # SAP System Gateway Security Port sapgw51s 4851/tcp # SAP System Gateway Security Port sapgw52s 4852/tcp # SAP System Gateway Security Port sapgw53s 4853/tcp # SAP System Gateway Security Port sapgw54s 4854/tcp # SAP System Gateway Security Port sapgw55s 4855/tcp # SAP System Gateway Security Port sapgw56s 4856/tcp # SAP System Gateway Security Port sapgw57s 4857/tcp # SAP System Gateway Security Port sapgw58s 4858/tcp # SAP System Gateway Security Port sapgw59s 4859/tcp # SAP System Gateway Security Port sapgw60s 4860/tcp # SAP System Gateway Security Port sapgw61s 4861/tcp # SAP System Gateway Security Port sapgw62s 4862/tcp # SAP System Gateway Security Port sapgw63s 4863/tcp # SAP System Gateway Security Port sapgw64s 4864/tcp # SAP System Gateway Security Port sapgw65s 4865/tcp # SAP System Gateway Security Port sapgw66s 4866/tcp # SAP System Gateway Security Port sapgw67s 4867/tcp # SAP System Gateway Security Port sapgw68s 4868/tcp # SAP System Gateway Security Port sapgw69s 4869/tcp # SAP System Gateway Security Port sapgw70s 4870/tcp # SAP System Gateway Security Port sapgw71s 4871/tcp # SAP System Gateway Security Port sapgw72s 4872/tcp # SAP System Gateway Security Port sapgw73s 4873/tcp # SAP System Gateway Security Port sapgw74s 4874/tcp # SAP System Gateway Security Port sapgw75s 4875/tcp # SAP System Gateway Security Port sapgw76s 4876/tcp # SAP System Gateway Security Port sapgw77s 4877/tcp # SAP System Gateway Security Port sapgw78s 4878/tcp # SAP System Gateway Security Port sapgw79s 4879/tcp # SAP System Gateway Security Port sapgw80s 4880/tcp # SAP System Gateway Security Port sapgw81s 4881/tcp # SAP System Gateway Security Port sapgw82s 4882/tcp # SAP System Gateway Security Port sapgw83s 4883/tcp # SAP System Gateway Security Port sapgw84s 4884/tcp # SAP System Gateway Security Port sapgw85s 4885/tcp # SAP System Gateway Security Port sapgw86s 4886/tcp # SAP System Gateway Security Port sapgw87s 4887/tcp # SAP System Gateway Security Port sapgw88s 4888/tcp # SAP System Gateway Security Port sapgw89s 4889/tcp # SAP System Gateway Security Port sapgw90s 4890/tcp # SAP System Gateway Security Port sapgw91s 4891/tcp # SAP System Gateway Security Port sapgw92s 4892/tcp # SAP System Gateway Security Port sapgw93s 4893/tcp # SAP System Gateway Security Port sapgw94s 4894/tcp # SAP System Gateway Security Port sapgw95s 4895/tcp # SAP System Gateway Security Port sapgw96s 4896/tcp # SAP System Gateway Security Port sapgw97s 4897/tcp # SAP System Gateway Security Port sapgw98s 4898/tcp # SAP System Gateway Security Port sapgw99s 4899/tcp # SAP System Gateway Security Port |
12.SAProuter脚本
[root@saprouter02 saprouter]# cat saprouter.sh
#!/bin/bash
/usr/sap/saprouter/saprouter -r -K -C 1500"p:CN=saprouter02, OU=0001706753, OU=SAProuter, O=SAP, C=DE" -R /usr/sap/saprouter/saproutab &
13.SAProuter常用命令
[root@saprouter02 saprouter]# ./saprouter
SAP Network Interface Router, Version 40.4
Compiled Mar 30 2015 18:28:41
start router : ./saprouter -r
stop router : ./saprouter -s
soft shutdown: ./saprouter -p
router info : ./saprouter -l (-L)
new routtab : ./saprouter -n
toggle trace : ./saprouter -t
cancel route : ./saprouter -c id
dump buffers : ./saprouter -d
flush " : ./saprouter -f
hide errInfo : ./saprouter -z
start router with third-party library: ./saprouter -a library
generate encrypted password : ./saprouter -h password_to_encrypt
additional options
-R routtab : name of route-permission-file (default ./saprouttab)
-G logfile : name of log file (default no logging)
-T tracefile : name of trace file (default dev_rout)
-V tracelev : trace level to run with (default 1)
-H hostname : of running SAProuter (default localhost)
-S service : service-name / number (default 3299)
-P infopass : password for info requests
-C clients : maximum no of clients (default 800)
-Y servers : maximum no of servers to start (default 1)
-K [myname] : activate SNC; if given, use 'myname' as own sec-id
-A initstring: initialization options for third-party library
-D : switch DNS reverse lookup off
-E : append log- and trace-files to existing
-J filesize : maximum log file size in byte (default off)
-6 : IPv6 enabled
-Z : hide connect error information for clients
expert options
-B quelength : max. no. of queued packets per client (default 1)
-Q queuesize : max. total size for all queues (default 20000000 bytes)
-W waittime : timeout for blocking net-calls (default 5000 millisec)
-M min.max : portrange for outgoing connects, like -M 1.1023
-I address : address for outgoing connects, like -I 155.56.76.6
--sock_buf_size=bufsize : socket send/receive buffer size in bytes
(only set if larger than OS defaults)
default: 32768
valid range: 32768 - 10000000 (0 = OS defaults)
# this is a sample routtab : -----------------------------------------
D host1 host2 serviceX
D host3
P * * serviceX
P 155.56.*.* 155.56
P 155.57.1011xxxx.*
P host4 host5 * xxx
P host6 localhost 3299
P host7 host8 telnet
S host9
P0,* host10
KP sncname1 * *
KS * host11 *
KD "sncname "abc" * *
KT sncname3 host11 *
# deny routes from host1 to host2 serviceX
# deny all routes from host3
# permit routes from anywhere to any host using serviceX
# permit all routes from/to addresses matching 155.56
# permit ... with 3rd byte matching 1011xxxx
# permit routes from host4 to host5 if password xxx supplied
# permit information requests from host6
# permit native-protocol-routes to non-SAP-server telnet
# permit ... excluding native-protocol-routes (SAP-servers only)
# permit ... if number of preceding/succeeding hops (SAProuters) <= 0/*
# permit SNC-connection with partnerid = 'sncname1' to any host
# permit all SAP-SAP SNC-connections to host11
# deny all SNC-connections with partnerid = 'sncname "abc'
# open connects to host11 with SNC enabled and partnerid = 'sncname3'
# first match [host/sncname host service] is used
# permission is denied if no entry matches
# service wildcard (*) does not apply to native-protocol-routes
# --------------------------------------------------------------------
扫一扫
2224
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
