This chapter describes FTP-OpenVMS Client and FTP-OpenVMS Server management. Topics include:
Client considerations include creating a startup command file and determining the status on an exit condition.
You can create a system-wide startup file that is executed each time the local client starts an FTP session. To create a startup command file, you need to:
See the User's Guide, Chapter 3, FTP: Transferring Files, Startup Command File about setting up a client-specific FTP_STARTUP.COM file.
SET DEBUG /CLASS=REPLIES (VERBOSE mode) is enabled by default in TCPware's FTP-OpenVMS Client so that you do not need to explicitly add the command to the file. However, any VERBOSE command may toggle it to OFF.
See the User's Guide, Chapter 3, FTP: Transferring Files, about setting VERBOSE mode. See your OpenVMS documentation about the SET PROTECTION command.
To exit FTP, use the EXIT command or type
FTP exits with the last error status, if any. DCL command procedures can use the $STATUS and $SEVERITY symbols to test for success or failure of the FTP commands issued. A success status indicates that all commands succeeded. A warning, error, or severe status indicates that one or more commands failed to execute.
When possible, the status code is a System Service (defined in $SSDEF), RMS (defined in $RMSDEF), or shared (defined in $SHRDEF) status. In some cases, status codes are TCPWARE_ private codes with a facility number of 1577.
The FTP server provides security through login procedures, the use of log files, and the automatic termination of idle control connections.
The FTP server uses the same login procedures as DECnet network connections and does not support OpenVMS accounts with two passwords.
The FTP server lets you define three logicals for access restrictions to specific directory trees. These include the TCPWARE_ FTP_ROOT logical for system-wide access restrictions, the TCPWARE_FTP_ANONYMOUS_ROOT logical for ANONYMOUS user access restrictions, and the TCPWARE_FTP_username_ROOT logical for specific username access restrictions. See Server Logicals and ANONYMOUS Support.
The FTP server creates a log file in your default directory each time a client user successfully logs in. This FTPSERVER_DTP.LOG file contains information about files transferred during the FTP session. If client users have problems logging in and are sure they specified a proper user name and password, you can check the SYSLOGIN and user account login command procedures for commands that could have caused the login to fail.
Examining the FTPSERVER_DTP.LOG file might help isolate the problem. You may need to execute some operations only if the process mode is interactive. (Use the F$MODE() lexical function to determine the mode and then skip around the offending commands if not an interactive login.) The FTP server runs in network mode.
If you suspect break-in attempts, you can also define the TCPWARE_FTP_LOGFILE system logical to specify the name of a log file. See TCPWARE_FTP_LOGFILE.
If the control connection (other than during a data transfer) is idle for more than 10 minutes, the FTP server aborts the connection, unless you change the idle timeout value using the TCPWARE_FTP_IDLE_TIMEOUT logical. See TCPWARE_FTP_IDLE_TIMEOUT.
You can include special informational text messages in a specified file in directories so that the message appears when an FTP client user logs in or changes to that directory. The TCPWARE_FTP_MESSAGE_FILE logical determines the filename to check in each directory. This feature is particularly helpful for ANONYMOUS FTP client users to get informational messages when changing directories (see the next section for a description of ANONYMOUS support).
For example, the FTP_CONTROL.COM file that you activate on startup includes the following line commented-out:
!$ DEFINE/SYSTEM/NOLOG/EXEC TCPWARE_FTP_MESSAGE_FILE ".MESSAGE"
You can activate this logical with the default .MESSAGE file definition, or change it to WELCOME.TXT, for example. What the file should contain depends on the context. If the file is in a login directory, it should contain a general message about the system, such as Welcome to OpenVMS VAX V6.2 (IRIS). If the file is in another directory to which the user can move, it should have specifics about the directory, such as Welcome to the SUPPORT directory. It contains TECHNICAL SUPPORT information.
The FTP client user must set VERBOSE mode to be able to see the messages. VERBOSE (REPLIES) mode is set by default in TCPware's FTP-OpenVMS Client.
The FTP command line client interprets the exclamation point (!) as the start of a comment. To send an exclamation point to the server it must be enclosed in quotes ("). The quote character (") must be doubled up in the string if it is to be sent to the server. For example:
FTP> "! send this string to the server."
sends the whole line, including the exclamation point and the period.
The FTP command line client prompts with the name of the opened node when the TCPWARE_FTP_PROMPT_NODENAME logical is defined.
The FTP server provides special support for ANONYMOUS accounts.
To set up an ANONYMOUS account, issue commands using the OpenVMS AUTHORIZE utility:
$ AUTHORIZE UAF> ADD ANONYMOUS/PASSWORD=GUEST/UIC=[uic] -
_UAF> [/other qualifiers] /NOPWDEXP/NOPWDLIFE
UAF> MODIFY ANONYMOUS/NOLOCAL/NOBATCH/NOREMOTE/NODIALUP
UAF> MODIFY ANONYMOUS/PRIV=NONETMBX/DEFPRIV=NONETMBX
The /NOPWDEXP and /PWDLIFE=NONE qualifiers ensure that the password remains active indefinitely. The /LOCAL, /NOBATCH, /NOREMOTE, and /NODIALUP qualifiers prevent access to the account from those sources. Removing the NETMBX privilege prevents DECnet access.
See your OpenVMS documentation for details on the AUTHORIZE utility.
FTP users have automatic read access through ANONYMOUS accounts. You can also assign write, rename, or delete access by defining the TCPWARE_FTP_ANONYMOUS_RIGHTS logical.
See TCPWARE_FTP_ANONYMOUS_RIGHTS.
Be aware of the following:
date/time ANONYMOUS FTP login successful (password) from ia, port
Each command is logged with the following format:
date/time ANONYMOUS FTP user (password) at ia, job 120 reply to user command job 120 PWD
The response to each command is logged with the following format:
date/time ANONYMOUS FTP user (password) from (internet address), job (pid), (reply string) or
date/time user name from (internet address), job (pid), (reply string)
The FTP server supports the following special system-definable logicals:
Note! With the root logicals (TCPWARE_FTP_ROOT, TCPWARE_FTP_ANONYMOUS_ROOT, and TCPWARE_FTP_username_ROOT), any logical you refer to in the equivalence name (such as a disk name) must also be an executive mode, system table logical. With all of these logicals, if the user account cannot access the directory, FTP operations will fail with the error %RMS-E-PRV.
The TCPWARE_FTP_220_REPLY logical defines a message displayed when a user connects to the server and can log in. This message replaces the default message.
You can define lines of the message text, one comma-separated equivalence string for each line. You can also specify a file that contains the message text by defining an equivalence string starting with the at-sign (@) and followed by the complete file specification. For example, you can define the welcome text equivalence string as follows:
$ DEFINE/SYSTEM/EXEC TCPWARE_FTP_220_REPLY -
_$ "**AUTHORIZED USE ONLY **",-
_$ "bart.nene.com (192.168.34.56)", -
_$ "FTP-OpenVMS FTPD V5.4 (c) 1999 Process Software Corporation"
Alternately, you can include the last three equivalence strings in an FTP_WELCOME.TXT file and define the logical as follows:
$ DEFINE/SYSTEM/EXEC TCPWARE_FTP_220_REPLY -
_$ "@SYS$MANAGER:FTP_WELCOME.TXT"
In either case, when a user connects to a host, the message appears as follows:
220-** AUTHORIZED USE ONLY **
220-bart.nene.com (192.168.34.56)
220 FTP-OpenVMS FTPD V5.4 (c) 1999 Process Software Corporation
_Username []:
The TCPWARE_FTP_221_REPLY logical defines a message to appear when a user ends the FTP session. If you do not define this logical, TCPware uses the default message instead. As with TCPWARE_FTP_220_REPLY, you can define a text string or file. For example:
$ DEFINE/SYSTEM/EXEC TCPWARE_FTP_221_REPLY -
_$ "Connection to FTP server has been closed"
Now, when the user closes the FTP connection, the following message appears:
221 Connection to FTP server has been closed
The TCPWARE_FTP_230_REPLY logical defines a message to appear when a user successfully logs in. If you do not define this logical, TCPware uses the default message instead. As with TCPWARE_FTP_221_REPLY, you can define a text string or file. For example:
$ DEFINE/SYSTEM/EXEC TCPWARE_FTP_230_REPLY-
_$ "Login successful"
Now, when the user logs in using FTP, the following message appears:
230 Login successful
The TCPWARE_FTP_421_REPLY logical defines a message sent when a user connects to the server but should not log in. After sending the message, the connection closes. For example, you can define this logical to prevent FTP access for a short time period. Be sure to deassign the logical after this period to allow FTP access again. As with TCPWARE_FTP_230_REPLY, you can define a text string or file. For example:
$ DEFINE/SYSTEM/EXEC TCPWARE_FTP_421_REPLY-
_$ "System maintenance in progress until 17:30"
Now, when the user connects to the host through FTP, the following message appears and then the connection closes:
421 System maintenance in progress until 17:30
Note! The TCPWARE_FTP_421_REPLY logical has precedence over the TCPWARE_FTP_220_REPLY logical.
The logical name TCPWARE_FTP_ALL_VERSIONS requests the NLST and LIST commands to display all versions of the specified files. If TCPWARE_FTP_ALL_VERSIONS is defined, the logical name TCPWARE_FTP_STRIP_VERSION has no effect.
Note! TCPWARE_FTP_ALL_VERSIONS is ignored if the FTP Server is in UNIX emulation mode.
By default, the FTP server does not allow file transfers for CAPTIVE accounts. However, by defining the TCPWARE_FTP_ALLOWCAPTIVE logical, you can allow CAPTIVE accounts to use all FTP commands except SITE SPAWN. Define the logical as follows:
$ DEFINE/SYSTEM/EXEC TCPWARE_FTP_ALLOWCAPTIVE " "
You must also modify the CAPTIVE account procedure to allow the FTP server to start the data transfer process. The procedure can check if the logical "TT" is equal to "TCPWARE:FTPSERVER_DTP.COM" and exit out of the login procedure, as follows:
$! Check if this is the TCPware FTP data transfer process:
$ IF F$LOGICAL("TT") .EQS. "TCPWARE:FTPSERVER_DTP.COM" THEN EXIT
$! Refuse other network connections (such as DECnet):
$ IF F$MODE() .EQS. "NETWORK" THEN LOGOUT
$! (or allow by using "...THEN EXIT" above)
$! Remainder of CAPTIVE procedure follows:
$....
The TCPWARE_FTP_ANONYMOUS_230_REPLY logical defines a message to appear when an ANONYMOUS user successfully logs in. If you do not define this logical, TCPware uses the default message instead. As with TCPWARE_FTP_230_REPLY, you can define a text string or file. For example:
$ DEFINE/SYSTEM/EXEC TCPWARE_FTP_ANONYMOUS_230_REPLY-
_$ "ANONYMOUS login successful"
Now, when a user logs in using the ANONYMOUS account, the following message appears:
230 ANONYMOUS login successful
The TCPWARE_FTP_ANONYMOUS_RIGHTS logical lets you define write, rename, and delete access rights for the ANONYMOUS FTP user in addition to read access. For example:
$ DEFINE/SYS/EXEC/NOLOG TCPWARE_FTP_ANONYMOUS_RIGHTS-
_$ "WRITE,RENAME,DELETE"
|
WRITE |
Lets you PUT, COPY, SEND, and MPUT files into the ANONYMOUS FTP area. It also allows execution of the CREATE/DIRECTORY command. |
|
RENAME |
Lets you rename and append files in the ANONYMOUS FTP area. |
|
DELETE |
Lets you delete files and directories from the ANONYMOUS FTP area. |
The definition of these rights does not override the actual file protections. If a directory does not allow write access, users cannot write to the directory even though the TCPWARE_FTP_ANONYMOUS_RIGHTS logical grants them write access. Likewise, if a file does not allow delete access, users cannot delete it even if the TCPWARE_FTP_ANONYMOUS_RIGHTS logical grants them delete access.
The TCPWARE_FTP_ANONYMOUS_ROOT (system level, executive mode) logical defines access restrictions for users logged in as ANONYMOUS. For example, you can set access restrictions for users logged in as ANONYMOUS to allow access to just the ANONYMOUS$USER directory and its subdirectories, as follows:
$ DEFINE/SYSTEM/EXEC TCPWARE_FTP_ANONYMOUS_ROOT ANONYMOUS$USER:
If you do not set this logical, the FTP server defaults to the setting in the TCPWARE_FTP_ROOT logical (described above), if it exists.
This controls whether UNIX style filename parsing is done. If this logical is not defined and a / is found in the filename, then it is assumed to be a UNIX style filename. The ? in the logical represents where defined values go. Defined value can be either alpha or numeric.
$ DEFINE/SYSTEM/NOLOG/EXEC TCPWARE_FTP_DISALLOW_UNIX_STYLE ?
Defines the default allocation /extention quantity for new files and appends. See FAB$W_DEQ in the OpenVMS Record Management Services Manual for an explanation of the effect of this. The ? in the logical represents where defined values go. Defined value can be either alpha or numeric.
$ DEFINE/SYSTEM/NOLOG/EXEC TCPWARE_FTP_EXTENSION_QUANTITY ?
If you want to change the timeout for FTP connection attempts to something other than the default of 10 minutes, use the TCPWARE_FTP_IDLE_TIMEOUT system logical. The FTP server checks the timeout when you enter and complete a command. Therefore, you can set this logical any time, and it effectively changes the idle timeout for open, non-idling connections as well as for any future ones. Make sure to use delta time for the time syntax. For example:
$ DEFINE/SYSTEM/EXEC TCPWARE_FTP_IDLE_TIMEOUT "0 00:20:00"
This example changes the idle timeout to 20 minutes. If omitted, the default is 10 minutes. If you set the value to 0, idle timeout is disabled.
Sometimes the FTP server strips the .DIR extension from the file name of a directory when the NLST function is requested. The FTP server now looks for the logical TCPWARE_FTPD_KEEP_DIR_EXT and, if defined, does not remove the .DIR extension. To use this feature, define the system/exe mode logical:
$ DEFINE/SYSTEM/EXE TCPWARE_FTPD_KEEP_DIR_EXT TRUE
To return to the default behavior, remove this logical.
The TCPWARE_FTP_LOGFILE (system level, executive mode) logical can be defined to specify the name of a log file. This is good if you suspect break-ins to the FTP server. For example:
$ DEFINE/SYSTEM/EXEC TCPWARE_FTP_LOGFILE-
_$ SYS$COMMON:[SYSMGR]FTPLOGIN.LOG
If this logical exists, the FTP server writes a record to the specified file each time a user attempts to log in. Each record includes the date and time, the remote host's internet address, and whether the login succeeded.
This logical specifies the name of the file to which ALL commands and responses to ANONYMOUS FTP services are logged. If TCPWARE_FTP_LOG_ALL_USERS is also defined, then commands and responses for all users are logged.
The FTP client and the FTP server normally check the record size of an ASCII transfer and disallow more than 8192 byte records (as a sanity check). However, you can define the TCPWARE_FTP_MAXREC logical to override the default of 8192. The definition of the TCPWARE_FTP_MAXREC logical is commented out but defined in the FTP_CONTROL.COM file as follows:
$ !DEFINE/SYSTEM/NOLOG/EXEC TCPWARE_FTP_MAXREC 8192
The logical name TCPWARE_FTP_MAX_SERVERS allows the maximum number of servers to be set. The default is 10000.
$ DEFINE/SYSTEM/EXEC TCPWARE_FTP_MAX_SERVERS "1500"
The TCPWARE_FTP_MESSAGE_FILE logical defines the message file the FTP user sees when connecting to the server or moving between directories. The definition of the TCPWARE_FTP_MESSAGE_FILE logical is commented out but defined in the FTP_CONTROL.COM file as follows:
$ !DEFINE/SYSTEM/NOLOG/EXEC TCPWARE_FTP_MESSAGE_FILE ".MESSAGE"
If the TCPWARE_FTP_ONLY_BREAK_ON_CRLF logical is set and an ASCII file is transferred, a new line is created in the file upon receipt of a carriage return/line feed sequence.
If this logical is not set and an ASCII file is transferred, a new line is created upon receipt of either a carriage return/line feed sequence or a line feed.
The TCPWARE_FTP_RECEIVE_THRESHOLD logical specifies the amount of buffer space that can be used to buffer transmitted data on the data socket. The default value if 6144. If this logical is defined and it begins with a /, then it specifies the fraction of the window size; if only a fraction is specified, then it indicates the number of bytes to be used. The ? in the logical represents where defined values go. Defined value can be either alpha or numeric.
$ DEFINE TCPWARE_FTP_RECEIVE_THRESHOLD ?
The TCPWARE_FTP_ROOT (system level, executive mode) logical defines the system-wide default directory access restrictions for client users. For example, you can restrict all users logged in via FTP to the COMMON$USER directory and its subdirectories, as follows:
$ DEFINE/SYSTEM/EXEC TCPWARE_FTP_ROOT COMMON$USER:
The FTP server defaults to this logical if the TCPWARE_FTP_ANONYMOUS_ROOT or TCPWARE_FTP_username_ROOT logicals (described in the next section) are not set.
The TCPWARE_FTP_username_ROOT (system level, executive mode) logical defines access restrictions for an FTP client logging in as username. For example, you can restrict user CLARK to the COMMON$USER:[CLARK] directory and its subdirectories, as follows:
$ DEFINE/SYSTEM/EXEC TCPWARE_FTP_CLARK_ROOT COMMON$USER:[CLARK]
Because the FTP server restricts access by default to the directory setting in the TCPWARE_FTP_ROOT logical (described earlier), if it exists, you may want to use the special wildcard (*) setting with the TCPWARE_FTP_username_ROOT logical to bypass the default for username. For example, to restrict the bulk of users to DISK$SYS_LOGIN, restrict users KATE and PAUL to ENG$DISK, but allow SYSTEM full access to locations covered by its account, define the following logicals:
$ DEFINE/SYSTEM/EXEC TCPWARE_FTP_ROOT DISK$SYS_LOGIN ! default
$ DEFINE/SYSTEM/EXEC TCPWARE_FTP_KATE_ROOT ENG$DISK ! limits KATE
$ DEFINE/SYSTEM/EXEC TCPWARE_FTP_PAUL_ROOT ENG$DISK ! limits PAUL
$ DEFINE/SYSTEM/EXEC TCPWARE_FTP_SYSTEM_ROOT * ! full SYSTEM
ANONYMOUS user access restrictions are described under TCPWARE_FTP_ANONYMOUS_ROOT.
If the TCPWARE_FTP_SEMANTICS_FIXED_IGNORE_CC logical is defined to TRUE, then GET operations of fixed lengths record files will not have a <CR>(carriage return)<LF>(line feed) added to the end of each record. The ? in the logical represents where defined values go. Defined value can be either alpha or numeric.
$ DEFINE TCPWARE_FTP_SEMANTICS_FIXED_IGNORE_CC ?
This specifies the upper and lower port boundaries that are to be used in passive data connections. The string should contain two numbers separated by a space. The ? in the logical represents where defined values go. Defined value can be either alpha or numeric.
$ DEFINE TCPWARE_FTP_SERVER_DATA_PORT_RANGE ?
By setting the logical name TCPWARE_FTP_SERVER_LOG_LIMIT in the LOGIN.COM file, you can specify that log files be retained. Set the logical name to a dash (-) to retain all log files, or specify a number in the range of 1 to 32000.
Directory size restrictions limit the number of potential files that can actually be created. If you do not specify a number or value, one log file is created or overwritten for each FTP session. Use the DCL PURGE command to delete unneeded log files. The following example specifies that 42 log files be retained:
$ DEFINE TCPWARE_FTP_SERVER_LOG_LIMIT 42
The server normally compares the IP network address value specified in the PORT command with the IP network address of the IP address that it is receiving commands from. If these are not in agreement, the PORT command is not accepted. Some multi-homed clients, and clients that can do third party transfers send values that do not match. Defining this logical allows the PORT command to be accepted for these clients by disabling this check. The ? in the logical represents where defined values go. Defined value can be either alpha or numeric.
$ DEFINE TCPWARE_FTP_SERVER_RELAXED_PORT_COMMAND ?
The logical name TCPWARE_FTP_STRIP_VERSION causes VMS mode output to have no versions. The ? in the logical represents where defined values go. Defined value can be either alpha or numeric.
$ DEFINE/SYSTEM/NOLOG/EXEC TCPWARE_FTP_STRIP_VERSION ?
If the FTP Server is in UNIX mode, the SYST command displays the banner "UNIX TCPware Unix Emulation." If the FTP Server is in VMS mode, the SYST command displays the equivalence string associated with the TCPWARE_FTP_SYST_BANNER logical name (if defined). Otherwise, the SYST command displays "VMS TCPware Vx.y(rev)," where:
The ? in the logical represents where defined values go. Defined value can be either alpha or numeric.
$ DEFINE/SYSTEM/NOLOG/EXEC TCPWARE_FTP_SYST_BANNER ?
Note! The logical name TCPWARE_FTP_SYST_BANNER is ignored if the FTP Server is already in UNIX mode.
If you define the logical name TCPWARE_FTP_UNIX_STYLE_BY_DEFAULT, the FTP Server starts in UNIX emulation mode.
The control of version number displays has been reworked in response to LIST and NLST commands. The default is VMS-mode output. The ? in the logical represents where defined values go. Defined value can be either alpha or numeric.
$ DEFINE/SYSTEM/NOLOG/EXEC TCPWARE_FTP_UNIX_STYLE_BY_DEFAULT ?
When sending the command from a non-OpenVMS client, a space is required between the file specification and the qualifier. For example:
$ GET filename /LOG
Previous command syntax: ftp>put xx x.x/image=2048
New command syntax: ftp>put x.x "x.x/image=2048"
$ DEFINE/SYSTEM/EXECUTIVE_MODE TCPWARE_FTPD_NOUNIX_SYNTAX "TRUE"
The logical name TCPWARE_FTP_UNIX_STYLE_CASE_INSENSITIVE allows UNIX style filename handling to be case insensitive. The ? in the logical represents where defined values go. Defined value can be either alpha or numeric.
$ DEFINE/SYSTEM/NOLOG/EXEC TCPWARE_FTP_UNIX_STYLE_CASE_INSENSITIVE ?
The FTP client and the FTP server set the TCP window size of the data connection to either:
The ? in the logical represents where defined values go. Defined value can be either alpha or numeric.
$ DEFINE/SYSTEM/NOLOG/EXEC TCPWARE_FTP_WINDOW ?
This section describes the FTP server implementation of the File Transfer Protocol (FTP) as defined in the RFC 959. The material in this section requires a thorough understanding of the protocols used.
The FTP server is now more "UNIX friendly" and accommodates pathname specifications in some Web browsers; the forward slash (/) at the beginning of directory structures is now recognized.
The FTP server implements the following FTP service commands defined in the FTP protocol:
Note! The STOU filespec pathname can contain the /ASCII, /BINARY, /BLOCK, /FORTRAN, or /IMAGE qualifier to specify the transfer mode. A qualifier can cause unpredictable results depending on the current TYPE and STRU settings. The pathname can also contain /CONTIGUOUS=blocks, in which case TCPware creates the file with an initial contiguous allocation of the specified number of blocks.
|
Specifies the file structure. The valid arguments are F (for file, or no record structure), R (for record structure), and O VMS (or VMS, for VMS file structure). For VMS file structure, the data sent over the connection consists of a small header containing RMS file information, followed by raw data from the file, block by block. | |
|
Returns the name of the operating system running on the server. | |
|
Specifies the file type. The valid arguments are A (ASCII), I (image), L 8 (image), A N (ASCII non-print), A C (FORTRAN carriage control), and A T (Telnet format effectors). Use I (image) for both formatted binary and image format transfers. Formatted binary data includes the necessary record headers and checksums. | |
|
Logs the user into the host. |
All other commands result in error 500 or 502 (command not implemented). This implementation accepts and may issue all response codes.
The FTP server accepts the following qualifiers with client commands that send RETR, STOR, and APPE commands:
Note! When using the /ASCII, /BINARY, /BLOCK, /FORTRAN, or /IMAGE qualifier with commands that send RETR or STOR commands, make sure to separate the file specification and the qualifier with a space character. Otherwise the qualifier can be considered part of a UNIX file specification. For example, use the following on the client:
ftp> put sample.txt "sample.txt /block"
|
/ASCII |
TCPware reads or writes the file as an ASCII file. |
|
/BINARY |
TCPware reads or writes the file as a formatted binary file. Use this qualifier when transferring variable length binary files that do not have a file extension of .OBJ, .STB, .BIN, or .LDA. |
|
/BLOCK |
TCPware reads or writes the file using block-I/O mode. Use this qualifier when transferring STREAM_LF, STREAM_CR, STREAM or UNDEFINED files. |
|
/CONTIGUOUS |
(Applies to STOR only) the local output file should have an initial contiguous allocation of the specified number of blocks. If the output file is smaller, the FTP server truncates it. If the output file is larger, the additional allocations are noncontiguous. |
|
/FORTRAN |
TCPware reads or writes the file as a FORTRAN carriage control file. |
|
/IMAGE[=n] |
TCPware reads or writes the file as an image file. If you specify a record length, it only applies to output files. |
|
/VARIABLE |
TCPware writes an image format file as a variable length record format file. Ignored for all other transfer formats. |
The FTP server also supports the STRU O VMS (or STRU VMS) format that allows OpenVMS systems to exchange any RMS file, including RMS indexed files.
Note! Some combinations of these qualifiers and the TYPE and STRU commands may produce unpredictable results. Use these qualifiers carefully.
Q:How can I apply Access Control Lists (ACLs) to my FTP-OpenVMS executables so that only I have access?
A:Assume you want to set up your username as FTP_USER and give yourself (and no one else) read and execute privileges to the FTP-OpenVMS executables:
$ SET DEFAULT$SYSTEM
$ MCR AUTHORIZE
UAF> ADD/ID FTP_USER
UAF> GRANT/ID FTP_USER yourname
Then, for the FTP-OpenVMS Client:
$ SET DEFAULT TCPWARE
$ EDIT/ACL FTP.EXE (IDENTIFIER=FTP_USER,ACCESS=READ+EXECUTE)
(IDENTIFIER=*,ACCESS=NONE)
For the FTP-OpenVMS Server:
$ SET DEFAULT TCPWARE
$ EDIT/ACL FTP_DTP.EXE (IDENTIFIER=FTP_USER,ACCESS=READ+EXECUTE)
(IDENTIFIER=*,ACCESS=NONE)
