restricting network ports on oracle clients

I have currently run into a security problem with net8 and was wondering if you could help me out
or spread some light on the issue for me. I want to configure the Oracle clients to connect
to the database using a specified range of Ports. I assume this configuration will go in the tnsnames.ora file but I do not know the syntax nor have I been able to find an example.
Here's a sample tnsnames file to help my explanation.

DB2 =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = MY.DATABASE.COM)(PORT = 1521))     (CONNECT_DATA = (SID = ORCL))
  )

This tells the client to connect up to the oracle listener at MY.DATABASE.COM on port 1521.
(thats easy) What I want to do is restrict what port oracle replies on.
Security wants to close all ports that are not being used by a firewall and want me to give them specific ports or a range of ports where oracle will communicate with the clients. Currently the database is replying
on ports in a range from 30000 to 50000, but this depends on the box that makes the call. Each box
seems to be in a restricted range.

Here is an example from the listener.log

(CONNECT_DATA=(SID=ORCL)(CID=(PROGRAM=)(HOST=MY.CLIENT.COM)(USER=CLIENT)
))
*
(ADDRESS=(PROTOCOL=tcp)(HOST=MY.DATABASE.COM)(PORT=33022)) * establish *
orcl* 0

Here the listener is replying to MY.CLIENT.COM on port 33022. I want to configure the ports or range
of ports where the listener responds. I assume this is done in either the tnsnames.ora on the client or
the listener.ora on the server. (my guess is tnsnames with a parameter called source but I have not been
able to find an example). Can you help me out with this. Maybe send me a tnsnames.ora
that has this configured so I can see the syntax. Point to the correct documentation or something.
Thanks in advance.

Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't. Received on Thu Aug 19 1999 - 14:14:13 CDT