Re: Suggestion for a lexical (login mode via TCPIP)
- From: John Santos <john@xxxxxxx>
- Date: Fri, 22 Dec 2006 09:05:21 GMT
JF Mezei wrote:
One can use F$MODE to find if a process is interactive, batch, network or other.
Not sure of it is the right one to modify or to add another one, but it would be useful to be able to get information on whether the user us coming in via FTP, TELNET, etc. In other words , find out which target service on VMS is being used. TCPIP:23 would be telnet, TCPIP:21 would be FTP etc etc.
This would also allow a LOGIN.COM to check if someone is coming in through a secure/SSL port for instance.
This is a good request, but tacking it on to f$mode would break loads
of stuff.
I think the right place to put this would be in TT_ACCPORNAM, though
this is defined (for TCP connections) by the TCP stack, and is not in
a standard format. I.E. it looks different on TCPware than it does on
TCP/IP (aka UCX), and looks different for DECnet and LAT connections
as well. For the HP SSH server, it seems to be undefined (i.e. "").
For the TCPware SSH server, it seems to be "ssh/<hostname>:<source port>".
FTP and other such server connections should have f$mode="network". I
don't know if tt_accpornam is defined for non-interactive processes.
Diagnosing where a connection is coming from is pretty hairy, especially
if you want to allow for multiple network stacks, batch processes, etc.
You need to look at device names, f$mode, tt_accpornam, etc. And don't
forget about the possibility of virtual terminals. (I think the VT's
accpornam falls through from the physical terminals accpornam, so it
can change if the process gets disconnected and reconnected from
somewhere else. Try breaking a telnet connection, causing the telnet
sessions virtual terminal to disconnect, then reconnecting to it again
from a local terminal or a terminal server or "$ set host/lat <lathostname>"
where <lathostname> is the LAT service running on the local host!
It would be nice to have a standardized way of determining this which
worked equally well with all vendor's IP stacks and protocols (telnet,
ssh, rsh, rexec, ???), as well as with local, dialup, LAT, DECnet,
DECwindows, xterm, etc. and was well-behaved with non-interactive
processes too, such as ftp server processes and batch processes, or
anything else that can execute DCL.
Maybe a bunch of getjpi items for type (f$mode might suffice),
protocol (DECnet, TCP/IP, LAT, DECterm, local port, etc.), sub-protocol
(telnet, ssh, rsh, ftp, http, etc. for TCP/IP, not sure if it applies
to other protocols), source (DECnet node name, IP address, LAT server
name, etc.), source port (IP source port number, terminal server
physical port number, session number if using a serial line
multiple-session utility, etc.)
This would require the co-operation of VMS, DECwindows, DECnet
and TCP/IP network groups within HP, third-party TCP/IP vendors
(Process), and any other third-party vendors who make terminal
port drivers. (There used to be a multi-session utility, I think
be the same people who made some session-monitoring utilities.
I don't know if they used their own driver or used documented
interfaces to the pseudo terminal driver.)
--
John Santos
Evans Griffiths & Hart, Inc.
781-861-0670 ext 539
.
- References:
- Suggestion for a lexical (login mode via TCPIP)
- From: JF Mezei
- Suggestion for a lexical (login mode via TCPIP)
- Prev by Date: Re: Need help with DHCP Client & Name servers
- Next by Date: Re: Wiki server for VMS?
- Previous by thread: Suggestion for a lexical (login mode via TCPIP)
- Next by thread: Re: Suggestion for a lexical (login mode via TCPIP)
- Index(es):
Relevant Pages
|
