Thursday, February 16, 2012

Shut Down EMC Ionix (Voyence) NCM Port

Shut Down EMC Ionix (Voyence) NCM Port

Every try to shut down EMC Ionix (formerly Voyence) NCM (Network Configuration Manager) related tcp port services, by disabling /etc/init.d scripts, to find that there are still sockets being listened to?

The Problem

It was noted, on an NCM or Voyence platform, that a required port was still being listened to.
sun9999/root# netstat -anf inet | grep 1029
*.1029 *.* 0 0 49152 0 LISTEN
Verify the Culprit

Was it really a part of EMC Ionix NCM or Voyence?
sun9999/root# telnet localhost 1029
Connected to localhost.
Escape character is '^]'.

Welcome to EMC Proxy
Copyright (c) 2011 EMC Corporation

User Access Verification
Enter user name:
telnet> quit
Connection to localhost closed.
Well, it appears that EMC is definitely at the root cause.

Not a Start/Stop Script?

Since all the start/stop scripts were disabled from starting up, what else could be the cause?

Under modern UNIX systems, there is a service management facility.

Track Down the Service

Check the port against the registered services file.
sun9999/root# grep telnetproxy /etc/services
telnetproxy 1029/tcp # telnetproxy
Check Against Service Management Facility

EMC appeared nice enough to name the service consistently across the infrastructure
sun9999/root# inetadm | grep telnetproxy
enabled onlinne svc:/network/telnetproxy/tcp:default

sun9999/root# svcs -a | grep telnetproxy
enabled 18:22:21 svc:/network/telnetproxy/tcp:default
Where is the Executable for the Service?

The inet service can be interrogated to reveal the executable being run.
sun9999/root# inetadm -l svc:/network/telnetproxy/tcp:default
default bind_addr=""
default bind_fail_max=-1
default bind_fail_interval=-1
default max_con_rate=-1
default max_copies=-1
default con_rate_offline=-1
default failrate_cnt=40
default failrate_interval=60
default inherit_env=TRUE
default tcp_trace=FALSE
default tcp_wrappers=FALSE
default connection_backlog=10

sun9999/root# ls -al /usr/sbin/in.telnetproxy
-rwxr-xr-x 1 root voyence 1151 Feb 7 18:18 /usr/sbin/in.telnetproxy

EMC was kind enough to name the group of the file, to correctly identify the origin. It is safe to shut down this service.
sun9999/root# svcs svc:/network/telnetproxy/tcp:default
online Feb_07 svc:/network/telnetproxy/tcp:default

sun9999/root# svcadm disable svc:/network/telnetproxy/tcp:default

sun9999/root# svcs svc:/network/telnetproxy/tcp:default
disabled 18:22:21 svc:/network/telnetproxy/tcp:default

Verify the Telnet Proxy Disable

Check for the tcp port via netstat, to verify that disabling the service did the job.
sun9999/root# netstat -anf inet |grep 1029

No comments:

Post a Comment