RE: Testing a TELNET exit point

Pete,

According to IBM you shouldn't have to bounce the Telnet server.
Resolution to the exit program happens at run time.  All you need to do
is register your exit program to the exit point to get it invoked.

I have a few suggestions for you in debuggin this.  First, ensure you
have your  entry parameter list set up correctly.  Second, check the
Telnet job for error messages.  You may have to change the job to do
second level reporting.  

Third, You may also want to think about restricting the Telnet jobs to a
single job so you can put your exit program into debug.  Hold the telnet
job and start a service job (STRSRVJOB), release the telnet job and put
your program into debug.  Then use a new session to activate the telnet
job.

Lastly, it can be in your best interests to purchase an intrusion
detection and prevention tool.  My preference is NetworkSecurity from
the PowerTech Group, but I'm biased.  I know people get upset when this
type of thing is said, but let me explain.  In addition to being a fine
intrusion detection and prevention tool NetworkSecurity has this nice
little feature called supplemental exit program execution - A feature
available for all servers covered by NetworkSecurity.  Supplemental exit
program execution allows you to run your exit program after
NetworkSecurity's has run.  You gain the advantages afforded by
NetworkSecurity, a tool to assist you in getting your own exit program
up and running, and a method to customize your special environment.  If
for any reason, your exit program ends abnormally NetworkSecurity sends
a message to the job's message queue and to a message queue defined
within NetworkSecurity.

Hope this helps.

Gary Monnier | Senior Software Developer

19426 68th Ave. S
Kent, WA 98032
(253) 872-7788 ext. 308
gary.monnier@xxxxxxxxxxxxx
www.powertech.com 
This email message and any attachments are intended only for the use of
the intended recipient named above and may contain information that is
privileged and confidential. If you are not the intended recipient, any
dissemination, distribution, or copying is strictly prohibited. If you
received this email message in error, please immediately notify the
sender by replying to this email message or by telephone and delete the
message from your email system. Thank you.




-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Pete Helgren
Sent: Tuesday, December 16, 2003 1:22 PM
To: MIDRANGE-L@xxxxxxxxxxxx
Subject: Testing a TELNET exit point


After scrubbing the web for an example of an RPG OPM Telnet Exit point
example with no luck, I finally was able to find an ILE RPG example that
I
understood well enough to modify and compile (a feat in itself).  Now
that I
have it compiled, my challenge is to get it to work!

I registered the program at the QIBM_QTG_DEVINIT format INIT0100 exit
point,
stopped and restarted the Telnet service and nothing!  The exit program
is,
at minimum, supposed to issue a message to the QSYSOPR message queue
that
the Telnet device was created for user XXXXXXXXXX but I don't get
anything
that indicates that the exit point is being hit.

Perhaps this should go to programmers topic but I think the program is
working correctly.  What I don't know is if this program is registered
at
correct point or under the correct conditions.  What I want to
accomplish
with the program is to verify that the user who starts the telnet
session is
authorized to do so over an SSL connection.  The program logic looks
correct, but I can't evaluate that if the program never gets triggered
and
that seems to be the current problem.

Any pointers?  And, on the offhand chance that it is an ILE "ignorance"
problem, the program was created with the crtbndrpg command using
default
creation values and registered using the ADDEXITPGM command with default
values (except program name and library).  I can see that the program is
registered using the WRKREGINF command.

TIA,

Pete Helgren
Timpanogos Technologies, Inc