Show TOC

RFC API and SAProuterLocate this document in the navigation structure

Use

SAProuter is an SAP software product which is available on all SAP-based UNIX platforms as well as for Windows and Linux. It acts like a firewall system by regulating access from/to your network.

SAProuter can be used

  • to establish an indirect connection between two programs running on different machines. The network configuration does not allow a direct communication between these machines due to missing IP addresses (or the same IP addresses as well) or firewall restrictions.

  • to improve network security by allowing accesses from/to your network with or without password-protection only from a specified machine where the SAProuter is running.

  • to control and log all connections between your network and the rest of the world.

Important SAProuter Commands

saprouter

Online help (display list of all supported options)

saprouter -r

Start SAProuter with default values

saprouter -s

Stop SAPRouter

Route String

A route string can have one or more substrings. Each substring contains parameters how to reach the next SAProuter or the target host or program on the target host.

Such parameters are:

  • name or IP-address of the target host

  • service (port number) of the program running on the target host

  • password for this connection, if needed

Example

Example of one substring: /H/host/S/service/P/password

H: Identifier for host name

S: Identifier for service (port number)

P: Identifier for password

Route Permission Table

The SAProuter regulates access to your network via the route permission table in form of a file. You can start your SAProuter with this file name.

An entry in a route permission table has the following structure:

<P/D> <source host> <target host> <target service> <password>

P(ermit):

allows connection

D(eny):

prevents connection

<source host>:

host name or IP-address, could be a SAProuter

<target host>:

host name or IP-address, could be a SAProuter

<target service>:

service (port number) of the program of the target host The default service of SAProuter is '3299'.

Caution

If no route permission table was explicitly assigned to the SAProuter while starting (option -R <name of a route permission table>), the file 'saprouttab' in the current directory will be used. If this file is not available, all connections are allowed.

You can use wildcarts ('*') to define hosts, services and passwords in your route permission table.

More Information

For more information on RFC API and SAP Router see:

For general information on SAProuter see: