× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. May 2002

Re: PC to AS/400 FTP

> Below is what happens when I try to FTP into our AS/400:
> ==========================
> C:\WINDOWS>ftp 192.168.xxx.xx
> Connected to 192.168.xxx.xx.
> 421 Connection refused.
> Connection closed by remote host.
>
> C:\WINDOWS>

This line:
> 421 Connection refused.

Indicates that the FTP Function INIT failed before you ever got the chance
to tell the system that you are FRANK36.  The INIT function always runs as
user QTCP - it may seem screwy at first, but that is just the way that
things are.  Your exit program only allows FRANK36 to use the FTP server, so
QTCP is not allowed to generate a signon prompt for FRANK36.

When you think about this, it really make perfect sense.  When you issue the
line "C:\WINDOWS>ftp 192.168.xxx.xx", FTP has no idea who you are (you
haven't signed on yet).  So that initial request to receive a signon prompt
(the INIT) runs under a default profile of QTCP.  Once you have signed on
and validated yourself to the system, the rest of the FTP functions run
under the user that successfully signed on.

So you may want to change your exit program so that QTCP is allowed to use
the FTP server, or even more specifically, the INIT function of the FTP
server.  Or you can avoid this little ugly, (and the succeeding quirks of
exit point programming in general) by purchasing a ready made exit program
package that has solved all of these problems already.  I gotta believe that
in the long run it will be less expensive.  :)

HTH,

jte

--
John Earl
www.powertechgroup.com  john.earl@powertechgroup.com
The Powertech Group Inc. Seattle, Washington
Where the Security Experts Live!

Phone: +1-253-872-7788
Fax:      +1-253-872-7904
--
----- Original Message -----
From: "Frank W. Kany IV" <frank.kany@burr-reid.org>
To: <midrange-l@midrange.com>
Sent: Wednesday, May 29, 2002 6:23 AM
Subject: Re: PC to AS/400 FTP


> I have to specify who can sign-on in the exit program for exit point
> "QIBM_QTMF_SERVER_REQ"?  I thought "QIBM_QTMF_SVR_LOGON" was for that.
>
> ----- Original Message -----
> From: "alan shore" <SHOREA@dime.com>
> To: <midrange-l@midrange.com>
> Sent: Wednesday, May 29, 2002 9:09 AM
> Subject: Re: PC to AS/400 FTP
>
>
> > I forget what the individual &OPID's mean, but are'nt you ONLY allowing
> PUTS and nothing else, including sign-on?
> >
> > >>> "Frank W. Kany IV" <frank.kany@burr-reid.org> 05/29/02 08:19AM >>>
> > I wrote a simple exit program for exit point "QIBM_QTMF_SVR_LOGON" that
> > works.  It controls who can signon through FTP in MS-DOS.
> >
> > Now I'm trying get an exit program for exit point "QIBM_QTMF_SERVER_REQ"
> to
> > allow only certain FTP commands.  However, when I add the exit program
to
> > the exit point, the FTP connection is refused by the AS/400.  Anyone see
> > something I'm missing from the program?  Below are steps I have taken,
the
> > FTP session, and the CL source code for the exit program.
> >
> > 1) ENDTCPSVR *FTP
> > 2) add exit program to QIBM_QTMF_SERVER_REQ
> > 3) STRTCPSVR *FTP
> > 4) Open MS-DOS, then try to sign into the AS/400 via FTP
> >
> > Below is what happens when I try to FTP into our AS/400:
> > ==========================
> > C:\WINDOWS>ftp 192.168.xxx.xx
> > Connected to 192.168.xxx.xx.
> > 421 Connection refused.
> > Connection closed by remote host.
> >
> > C:\WINDOWS>
> > ==========================
> >
> > Below is the CL program:
> > ==========================
> > PGM        PARM(&APPIDIN &OPIDIN &USRPRF &IPADDRIN +
> >              &IPLENIN &OPINFOIN &OPLENIN &ALLOWOP)
> >
> > DCL        VAR(&APPIDIN)      TYPE(*CHAR) LEN(4)
> > DCL        VAR(&OPIDIN)       TYPE(*CHAR) LEN(4)
> > DCL        VAR(&USRPRF)      TYPE(*CHAR) LEN(10)
> > DCL        VAR(&IPADDRIN)  TYPE(*CHAR) LEN(15)
> > DCL        VAR(&IPLENIN)     TYPE(*CHAR) LEN(4)
> > DCL        VAR(&OPLENIN)   TYPE(*CHAR) LEN(4)
> > DCL        VAR(&OPINFOIN)  TYPE(*CHAR) LEN(9999)
> > DCL        VAR(&ALLOWOP)  TYPE(*CHAR) LEN(4)
> >
> > DCL        VAR(&APPID)          TYPE(*DEC) LEN(1 0)
> > DCL        VAR(&OPID)            TYPE(*DEC) LEN(1 0)
> > DCL        VAR(&IPLEN)          TYPE(*DEC) LEN(5 0)
> > DCL        VAR(&IPADDR)       TYPE(*CHAR) LEN(15)
> > DCL        VAR(&OPLEN)         TYPE(*DEC) LEN(5 0)
> > DCL        VAR(&OPINFO)       TYPE(*CHAR) LEN(9999)
> > DCL        VAR(&PATHNAME) TYPE(*CHAR) LEN(9999)
> >
> > DCL        VAR(&ALLOW)       TYPE(*DEC) LEN(1 0) VALUE(1)
> > DCL        VAR(&NOALLOW) TYPE(*DEC) LEN(1 0) VALUE(0)
> >
> > DCL        VAR(&CASEREQ) TYPE(*CHAR) LEN(22)                +
> >                 VALUE(X'00000001000000000000000000000000000 +
> >                               000000000')
> > DCL        VAR(&ERROR) TYPE(*CHAR) LEN(4)                        +
> >                 VALUE(X'00000000')
> >
> > CHGVAR     VAR(&APPID)    VALUE(%BINARY(&APPIDIN))
> > CHGVAR     VAR(&OPID)      VALUE(%BINARY(&OPIDIN))
> > CHGVAR     VAR(&IPLEN)    VALUE(%BINARY(&IPLENIN))
> > CHGVAR     VAR(&IPADDR) VALUE(%SUBSTRING(&IPADDRIN 1 +
> >              &IPLEN))
> > CHGVAR     VAR(&OPLEN) VALUE(%BINARY(&OPLENIN))
> >
> > //*only allow "put" operation */
> > IF         COND(&OPID = 1 *OR &OPID = 2 *OR &OPID = 3 +
> >              *OR &OPID = 4 *OR &OPID = 5 *OR &OPID = 7 +
> >              *OR &OPID = 8 *OR &OPID = 9) THEN(CHGVAR +
> >              VAR(%BINARY(&ALLOWOP)) VALUE(&NOALLOW))
> >
> > RETURN
> >
> > ENDPGM
> > =================================================
> >
> > TIA,
> >
> > Frank
> >
> > ----- Original Message -----
> > From: "Frank W. Kany IV" <frank.kany@burr-reid.org>
> > To: <rpg400-l-request@midrange.com>; <midrange-l@midrange.com>
> > Sent: Tuesday, May 28, 2002 8:57 AM
> > Subject: PC to AS/400 FTP
> >
> >
> > > This is a multi-part message in MIME format.
> > > --
> > > [ Picked text/plain from multipart/alternative ]
> > > Thank you all for your suggestions about writing exit programs for
exit
> > points using examples from books such as "Cool title about the AS/400
and
> > the internet" and "Who knew you could do that with RPGIV".
> > >
> > > However, after a week of working on this, I am still have difficulties
> in
> > successfully implementing these exit programs.  I have pasted some of
the
> > messages I get when I try to FTP into our AS/400.  I have also pasted
the
> CL
> > program I found somewhere that I use to validate server logon.
> > >
> > > I'd like to add that the problem with being rejected from logging on
and
> > sometimes even refused connection happens with all the exit programs I
> write
> > not just this 1 little CL program.  I duplicated every exit program that
> has
> > been put in front of me and when I implement them my connection is
refused
> > or log on is rejected.
> > >
> > > I created the program in my library. Ran the command "WRKREGINF".
> > Selected "QIBM_QTMF_SVR_LOGON" with an option "8".  Added exit program
> > "FTPLOGON" from my library.  I wait a few minutes.  Go to MS-DOS and
below
> > is the result:
> > > =========================
> > > C:\WINDOWS>ftp 192.168.XXX.XX
> > > Connected to 192.168.XXX.XX.
> > > 220-QTCP at 192.168.XXX.XX.
> > > 220 Connection will close if idle more than 5 minutes.
> > > User (192.168.XXX.XX:(none)): frank
> > > 331 Enter password.
> > > Password:
> > > 530 Log on attempt by user FRANK rejected.
> > > Login failed.
> > > ftp> quit
> > > 221 QUIT subcommand received.
> > > ===============================
> > >
> > > Source for the CL exit program:
> > > ========================================
> > > PGM        PARM(&APPIDIN &USRIN &USRLENIN &AUTIN +
> > >              &AUTLENIN &IPADDRIN &IPLENIN &RETCDOUT +
> > >              &USRPRFOUT &PASSWDOUT &CURLIBOUT)
> > >
> > > DCL        VAR(&APPIDIN)       TYPE(*CHAR) LEN(4)
> > > DCL        VAR(&USRIN)            TYPE(*CHAR) LEN(999)
> > > DCL        VAR(&USRLENIN)    TYPE(*CHAR) LEN(4)
> > > DCL        VAR(&AUTIN)           TYPE(*CHAR) LEN(999)
> > > DCL        VAR(&AUTLENIN)   TYPE(*CHAR) LEN(4)
> > > DCL        VAR(&IPADDRIN)    TYPE(*CHAR) LEN(15)
> > > DCL        VAR(&IPLENIN)        TYPE(*CHAR) LEN(4)
> > > DCL        VAR(&RETCDOUT)  TYPE(*CHAR) LEN(4)
> > > DCL        VAR(&USRPRFOUT)  TYPE(*CHAR) LEN(10)
> > > DCL        VAR(&PASSWDOUT) TYPE(*CHAR) LEN(10)
> > > DCL        VAR(&CURLIBOUT)   TYPE(*CHAR) LEN(10)
> > > DCL        VAR(&APPID)               TYPE(*DEC) LEN(1 0)
> > > DCL        VAR(&USRLEN)           TYPE(*DEC) LEN(5 0)
> > > DCL        VAR(&AUTLEN)          TYPE(*DEC) LEN(5 0)
> > > DCL        VAR(&IPLEN)               TYPE(*DEC) LEN(5 0)
> > >
> > > CHGVAR     VAR(&APPID)       VALUE(%BINARY(&APPIDIN))
> > > CHGVAR     VAR(&USRLEN)   VALUE(%BINARY(&USRLENIN))
> > > CHGVAR     VAR(&AUTLEN)  VALUE(%BINARY(&AUTLENIN))
> > > CHGVAR     VAR(&IPLEN)       VALUE(%BINARY(&IPLENIN))
> > >
> > > CHGVAR     VAR(&RETCDOUT) VALUE('1')
> > >
> > > IF         COND(%SST(&USRIN 1 7) = 'FRANK36') +
> > >              THEN(CHGVAR VAR(&RETCDOUT) VALUE('0'))
> > >
> > > RETURN
> > >
> > > ENDPGM
> > > =========================================
> > >
> > > What I am missing or doing wrong?
> > >
> > > Frank
> > > --
> > >
> > >
> > > _______________________________________________
> > > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> > list
> > > To post a message email: MIDRANGE-L@midrange.com
> > > To subscribe, unsubscribe, or change list options,
> > > visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
> > > or email: MIDRANGE-L-request@midrange.com
> > > Before posting, please take a moment to review the archives
> > > at http://archive.midrange.com/midrange-l.
> > >
> > >
> >
> >
> > _______________________________________________
> > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> list
> > To post a message email: MIDRANGE-L@midrange.com
> > To subscribe, unsubscribe, or change list options,
> > visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
> > or email: MIDRANGE-L-request@midrange.com
> > Before posting, please take a moment to review the archives
> > at http://archive.midrange.com/midrange-l.
> >
> > _______________________________________________
> > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> list
> > To post a message email: MIDRANGE-L@midrange.com
> > To subscribe, unsubscribe, or change list options,
> > visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
> > or email: MIDRANGE-L-request@midrange.com
> > Before posting, please take a moment to review the archives
> > at http://archive.midrange.com/midrange-l.
> >
> >
>
>
> _______________________________________________
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
> To post a message email: MIDRANGE-L@midrange.com
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
> or email: MIDRANGE-L-request@midrange.com
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.