MIDRANGE dot COM Mailing List Archive



Home » MIDRANGE-L » October 2012

RE: FTP logging issue



fixed

Here's the command as issued from Windows7 FTP client: mget ftplog.*

And the results recorded my iSeries log file (not the ftplog file listed
above):
FTP exit pgm #FTPLOGON4 invoked
DIR /QSYS.LIB/SECTCPDATA.LIB/FTPLOG.FILE/*.MBR
DIR /QSYS.LIB/SECTCPDATA.LIB/FTPLOG.FILE/*.MBR
FTP exit pgm #FTPLOGON4 invoked
GET /QSYS.LIB/SECTCPDATA.LIB/FTPLOG.FILE/FTPLOG.MBR
GET /QSYS.LIB/SECTCPDATA.LIB/FTPLOG.FILE/FTPLOG.MBR
FTP exit pgm #FTPLOGON4 invoked
GET /QSYS.LIB/SECTCPDATA.LIB/FTPLOG.FILE/Q1121022.MBR
GET /QSYS.LIB/SECTCPDATA.LIB/FTPLOG.FILE/Q1121022.MBR


When I do mget testfile.* (a non-existent iSeries file):
FTP exit pgm #FTPLOGON4 invoked
DIR /QSYS.LIB/SECTCPDATA.LIB/TESTFILE.FILE/*.MBR
DIR /QSYS.LIB/SECTCPDATA.LIB/TESTFILE.FILE/*.MBR

And the FTP client displays the message "Cannot find list of remote files"

Interesting that.

Tom


-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Vernon Hamberg
Sent: Monday, October 22, 2012 3:32 PM
To: Midrange Systems Technical Discussion
Subject: Re: FTP logging issue

Very cool!

On a different tack - Chuck mentioned MGET with a wildcard - I'm curious as
to what is provided to your exit program in this case - does it CALL the
exit for each object that matches?

Since you already HAVE the exit program, maybe you can try one of those!
Of course, reject everything, right?

Vern

On 10/22/2012 2:54 PM, Tom Hightower wrote:
Thanks - I've emailed myself a copy of those to put in my 'How-To' folder!

Tom


-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Vernon Hamberg
Sent: Monday, October 22, 2012 1:39 PM
To: Midrange Systems Technical Discussion
Subject: Re: FTP logging issue

Tom

I posted 17 easy steps for debugging with SEPs on these lists - it's
actually a lot easier than that sounds - this is the green side of things.

The RDP debugger is very cool - or you can use the very similar
graphical debugger that is part of the Java Toolkit.

Here's the URL for those instructions -

http://archive.midrange.com/web400/201011/msg00282.html

I worked this up because I'm often on a customer's machine, and
neither RDP nor the graphical debugger are an option.

A caveat - if you do this on a production machine, for a program or
service program that many people are using, you may end up getting
lots of messages about the breakpoint occurring - and those users are
blocked until you press enter when the message is displayed.

HTH
Vern

On 10/22/2012 12:14 PM, Tom Hightower wrote:
No I haven't, and really don't know how - yet. I'll start trolling
the archives.

Or if someone wanted to give me some instructions on how to do that,
I would really appreciate it.

Tom


-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of rob@xxxxxxxxx
Sent: Monday, October 22, 2012 11:52 AM
To: Midrange Systems Technical Discussion
Subject: RE: FTP logging issue

You try debugging with a "service entry point" yet?


Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600
Mail
to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





From: "Tom Hightower" <tomh@xxxxxxxxxxx>
To: "'Midrange Systems Technical Discussion'"
<midrange-l@xxxxxxxxxxxx>,
Date: 10/22/2012 12:49 PM
Subject: RE: FTP logging issue
Sent by: midrange-l-bounces@xxxxxxxxxxxx



Logging is in place.

My home-grown FTP exit program(s) record who logged in, from where,
when, and the commands done. I have a db setup wherein I've defined
each FTP user, where they can log in from, the acceptable FTP
commands (MD, CD, GET, PUT, etc) , and their library (or IFS folder,
if that's what they need), and a list of SYS commands that they issue
(if we need to restrict them to that level). If they try to issue an
invalid command, a log entry is noted.
Shoot, everything is logged; as soon as the FTP exit program is
activated (right after the first '/free' statement), the very first
thing that is done is a log entry is made, before any checking is
done ("FTP EXIT Program
running')

Logins are handled just fin, library/folder restrictions are being
handled no problem, SYS restrictions work. GETs are working and are
recorded, PUTs are working and are recorded. But the GET/PUT
failures aren't being logged; the 'FTP EXIT Program running' entry
isn't even being recorded (indicating that the exit program isn't
even being called - right?). I've got to be missing something, but I
don't know what.

So... I figured my home-grown stuff is fouling up somewhere. To
prove that, I downloaded, installed and set up SECTCP from Easy400.net.
It's *DOING THE SAME THING*. Successes are recorded, failures are
not.

Am I missing something somewhere?

Tom

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Jack Kingsley
Sent: Saturday, October 20, 2012 5:16 AM
To: Midrange Systems Technical Discussion
Subject: Re: FTP logging issue

So is all your logging that your getting then just host generated
commands that you get(puts, gets).

On Fri, Oct 19, 2012 at 5:58 PM, Tom Hightower <tomh@xxxxxxxxxxx> wrote:

I've got an FTP exit program in place to control logins, and to
record the various commands processed by the FTP server on the iSeries:

Exit point: QIBM_QTMF_SERVER_REQ Format: VLRQ0100
Program: #FTPLOGON4

The program logs "gets" gets (among commands). Well, mostly. it
records the SUCCESSFUL gets. If a PC user (for example) issues a
get on a non-existent file, nothing is recorded. All of the
successful gets are recorded just fine.

Is there something in the program I should look at to enable logging
of the unsuccessful commands?

Tom

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L)
mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To
subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please
take a moment to review the archives at
http://archive.midrange.com/midrange-l.


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L)
mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To
subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take
a moment to review the archives at
http://archive.midrange.com/midrange-l.


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe,
or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at http://archive.midrange.com/midrange-l.






Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2014 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact