Logging is in place.
My home-grown FTP exit program(s) record who logged in, from where, when,
and the commands done. I have a db setup wherein I've defined each FTP
user, where they can log in from, the acceptable FTP commands (MD, CD, GET,
PUT, etc) , and their library (or IFS folder, if that's what they need), and
a list of SYS commands that they issue (if we need to restrict them to that
level). If they try to issue an invalid command, a log entry is noted.
Shoot, everything is logged; as soon as the FTP exit program is activated
(right after the first '/free' statement), the very first thing that is done
is a log entry is made, before any checking is done ("FTP EXIT Program
running')
Logins are handled just fin, library/folder restrictions are being handled
no problem, SYS restrictions work. GETs are working and are recorded, PUTs
are working and are recorded. But the GET/PUT failures aren't being logged;
the 'FTP EXIT Program running' entry isn't even being recorded (indicating
that the exit program isn't even being called - right?). I've got to be
missing something, but I don't know what.
So... I figured my home-grown stuff is fouling up somewhere. To prove that,
I downloaded, installed and set up SECTCP from Easy400.net. It's *DOING THE
SAME THING*. Successes are recorded, failures are not.
Am I missing something somewhere?
Tom
-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Jack Kingsley
Sent: Saturday, October 20, 2012 5:16 AM
To: Midrange Systems Technical Discussion
Subject: Re: FTP logging issue
So is all your logging that your getting then just host generated commands
that you get(puts, gets).
On Fri, Oct 19, 2012 at 5:58 PM, Tom Hightower <tomh@xxxxxxxxxxx> wrote:
I've got an FTP exit program in place to control logins, and to record
the various commands processed by the FTP server on the iSeries:
Exit point: QIBM_QTMF_SERVER_REQ Format: VLRQ0100
Program: #FTPLOGON4
The program logs "gets" gets (among commands). Well, mostly. it
records the SUCCESSFUL gets. If a PC user (for example) issues a get
on a non-existent file, nothing is recorded. All of the successful
gets are recorded just fine.
Is there something in the program I should look at to enable logging
of the unsuccessful commands?
Tom
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take
a moment to review the archives at
http://archive.midrange.com/midrange-l.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe,
or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at
http://archive.midrange.com/midrange-l.
midrange.com
