Identify DECnet Plus (copy/fal) traffic?
Andrew Wright
suggest a way of identifying all the DECnet traffic (particularly copy
operations), with process name and the local /remote connection the process
is making?
Incoming DECnet copies are using the FAL session control
application therefore FAL.EXE. So I can either put on a security audit ACE
on the image or amending the fal.com to gather the information required, but
for outgoing copy
Operations off node, it's a bit trickier as the NET$ACP process is handling
this.
I don't think adding a security ACE on the copy image is much good as
on-node
Copy operations would also trigger an ACL security alarm, and there would be
no way as far as I can tell to identify if the copy was local/or off node
from the security audit records? I've also looked at CTF (trace), but I don't
think there is a way to create a trace point to gather the information I
require?
There reason way I would like to identify the DECnet traffic is
because eventually our replacement network infrastructure will not support
DECnet (CLNS will not be configured!), therefore DECnet on the VMS hosts
will be configured to go over TCP/IP, therefore I will like to know if
there is any DECnet traffic that I don't know about in advance!
Andy
David B Sneddon
run over IP and everything just works. Been there, done that.
The only thing you need is for the network bozos to make sure
they allow port 399 through the network.
Dave
Andrew Wright
you said it just works. Unfortunately being a mission critical system
(cluster), management
want to know about the DECnet activity on the existing system, so that
nothing is missed.
"David B Sneddon" <dbsn...@bigpond.com> wrote in message
news:f840f0ab-3ad7-42e2...@k1g2000yqf.googlegroups.com...
David B Sneddon
> I've also have already configured a test system to run DECnet over IP and as
> you said it just works. Unfortunately being a mission critical system
> (cluster), management
> want to know about the DECnet activity on the existing system, so that
> nothing is missed.
DECnet won't be an issue, things like LAT and MOP maybe.
Dave
JBloggs
<wrig...@onetel.com> wrote:
> On an Alpha Running OpenVMS DECnet Plus (OSI) V8.2 please could anyone
>suggest a way of identifying all the DECnet traffic (particularly copy
>operations), with process name and the local /remote connection the process
>is making?
a few possible ways to get more info, say beside accounting records:
$! one net$server per network login:
$ define/system/exec netserver$timeout "0"
in sys$manager:sylogin.com, you might be able to do this:
$ netserver$command :== @device:[dir]netnfo.verbose
where netnfo.verbose was:
(watch out for lines wrapped by newsreaders:
$!'f$verify(0)
$!++
$! NETINFO.COM PROGRAM
$!
$! do the same w/o requests
$!
$! NETINFO VERSION 2.0 - AUGUST 1992
$!
$! BY: JOHN MCMAHON
$! TGV, INCORPORATED
$! PHONE: 800-848-3440
$! E-MAIL: MCM...@TGV.COM
$!
$! DCL VERSION BASED ON EARLIER WORKS BY JOHN MCMAHON
$! THAT WERE DEVELOPED UNDER CONTRACT TO THE ADVANCED
$! DATA FLOW TECHNOLOGY OFFICE (NASA GODDARD SPACE
$! FLIGHT CENTER) AND THE COSMIC BACKGROUND EXPLORER
$! SCIENCE DATA ROOM PROJECT (NASA GODDARD SPACE FLIGHT
$! CENTER)
$!
$! SUGGESTED BY A SAMPLE PROGRAM IN A DEC SEMINAR
$! ON "NETWORK SECURITY"
$!
$! INSTALLING THIS PROGRAM:
$!
$! 1) PERMANENT NETSERVERS SHOULD BE TURNED OFF BY
$! ISSUING THE COMMAND:
$!
$! DEFINE/SYSTEM/EXEC NETSERVER$TIMEOUT "0"
$!
$! IN THE SYSTEM STARTUP PROCEDURE.
$!
$! 2) THE GLOBAL SYMBOL NETSERVER$COMMAND SHOULD
$! BE DEFINED IN THE SYSTEM LOGIN PROCEDURE
$! AS:
$!
$! NETSERVER$COMMAND :== @DISK:[DIRECTORY]THIS-PROCEDURE
$!
$! 3) THE PROTECTION ON THE COMMAND PROCEDURE SHOULD BE:
$! (S:RE,O:RE,G:E,W:E)
$!
$! NOTE: THIS SOFTWARE IS PROVIDED AS-IS, THE AUTHOR AND HIS EMPLOYERS
$! ASSUME NO RESPONSIBILTY FOR THE USE, LOSSES FROM THE USE, OR
RELIABILITY
$! OF THIS SOFTWARE.
$!++
$!
$ PROGRAM = " NETINFO V2.0 "
$ LOG := WRITE SYS$OUTPUT F$TIME()+PROGRAM+
$ ON WARNING THEN GOTO SOS
$ LOG "WRITTEN AUGUST 1992 BY JOHN MCMAHON"
$!
$! THIS ONLY WORKS FOR NETWORK PROCESSES
$!
$ IF F$MODE() .NES. "NETWORK"
$ THEN
$ LOG "EXITING - THIS IS NOT A NETWORK PROCESS"
$ EXIT
$ ENDIF
$!
$! USEFUL THINGS TO DO FIRST...
$!
$! (NOTE J)
$!
$! DEFINE FAL$LOG 1 ! FAL DEBUGGING LOGICAL THAT
$ ! REPORTS FILENAMES BEING ACCESSED
$!
$! SAVE THE NETSERVER FILES FROM RANDOM PURGING
$!
$! AN ALTERNATE TECHNIQUE WOULD BE TO RENAME FILES TO AN
$! ALTERNATE DIRECTORY
$!
$! (NOTE H)
$!
$ IF F$SEARCH("SYS$LOGIN:NETSERVER.LOG") .NES. ""
$ THEN
$ SET PROTECTION=(S:RWE,O:RWE,G,W) SYS$LOGIN:NETSERVER.LOG.*
$ ENDIF
$!
$! NETSERVER.COM VERIFY SETTING
$!
$ NETSERVER$VERIFY :== 0 ! 0=OFF, 1=ON
$!
$! TABLE OF OBJECTS REGISTERED IN NCP
$!
$! THIS IS A SUBSET OF THE OBJECTS THAT DO NOT HAVE PROCESSES
$! ASSOCIATED WITH THEM (EXAMPLE: IGNORE REMACP AND SMISERVER)
$!
$! THIS INFORMATION WAS RETRIEVED USING THE NCP COMMAND
$! NCP> SHOW KNOWN OBJECTS
$!
$ OBJECTTABLE_0 = "MOM,NICONFIG,TASK"
$ OBJECTTABLE_17 = "FAL,SUBMIT/REMOTE" ! File Access
$ OBJECTTABLE_18 = "HLD"
$ OBJECTTABLE_19 = "NML" ! NCP Commands
$ OBJECTTABLE_25 = "MIRROR"
$ OBJECTTABLE_26 = "EVL"
$ OBJECTTABLE_27 = "MAIL" ! Electronic Mail
$ OBJECTTABLE_29 = "PHONE" ! Phone
$ OBJECTTABLE_51 = "VPM" ! Monitor
$ OBJECTTABLE_63 = "DTR"
$!
$! GET THE NCB OUT OF THE SYS$NET LOGICAL NAME
$!
$ NETINFO_NCB = F$TRNLNM("SYS$NET")
$!
$! (NOTE A)
$!
$! GET THE REMOTE NODENAME AND USERNAME
$!
$! NODENAME IS PRIOR TO THE FIRST COLON
$!
$ NETINFO_NODENAME == F$ELEMENT(0,":",NETINFO_NCB)
$!
$! (NOTE B)
$!
$! EXTRACT THE STRING BETWEEN THE "=" AND THE "/"
$! THIS IS THE USERNAME
$!
$ WORK_STRING = F$ELEMENT(1,"=",NETINFO_NCB)
$ NETINFO_USERNAME == F$ELEMENT(0,"/",WORK_STRING)
$!
$! (NOTE C)
$!
$! GET THE LOCAL LINK NUMBER, OPTIONAL INFO,
$! OBJECT FORMAT AND OBJECT NUMBER
$!
$! EXTRACT THE STRING AFTER THE "/"
$! THIS SIMPLIFIES LOCATING THINGS BECAUSE
$! WE AREN'T DEALING WITH A RANDOM LENGTH
$! USERNAME OR NODENAME
$!
$! BYTES 0-1 IS THE LINK NUMBER
$! BYTE 2 IS THE OPTIONAL INFO LENGTH
$! BYTES 3-18 IS THE OPTIONAL INFO
$! BYTE 19 IS THE OBJECT FORMAT
$! BYTE 20 IS THE OBJECT NUMBER
$!
$ WORK_STRING = F$ELEMENT(1,"/",NETINFO_NCB)
$ NETINFO_LINK_NUMBER = F$CVUI(0,16,WORK_STRING) $
NETINFO_OPTIONAL_INFO_LENGTH = F$CVUI(0,8, F$EXTRACT(2,1,WORK_STRING)
)
$ NETINFO_OPTIONAL_INFO = F$EXTRACT(3,16,WORK_STRING) $! (NOTE D)
$ NETINFO_OBJECT_FORMAT = F$CVUI(0,8, F$EXTRACT(19,1,WORK_STRING) ) $
NETINFO_OBJECT_NUMBER == F$CVUI(0,8, F$EXTRACT(20,1,WORK_STRING) )
$!
$! CONVERT THE OPTIONAL_INFO INTO HEX
$!
$ NETINFO_OPTIONAL_INFO_HEX = ""
$ COUNT = 0
$ LOOP:
$ BYTE = F$EXTRACT(COUNT,1,NETINFO_OPTIONAL_INFO)
$! (NOTE G)
$ NETINFO_OPTIONAL_INFO_HEX = -
NETINFO_OPTIONAL_INFO_HEX +-
F$FAO( "!2XL",F$CVUI(0,8,BYTE) )
$ COUNT = COUNT + 1
$ IF COUNT .LT. 16 THEN GOTO LOOP
$ ENDLOOP:
$!
$! IF THE OBJECT FORMAT IS 1, THEN GET THE OBJECT NAME
$! LENGTH AND THE OBJECT NAME
$!
$! BYTE 21 IS THE OBJECT NAME LENGTH
$! BYTE 22 BEGINS THE OBJECT NAME
$!
$ NETINFO_OBJECT_NAME_LENGTH = 0
$ NETINFO_OBJECT_NAME == ""
$ IF NETINFO_OBJECT_FORMAT .EQ. 1
$ THEN
$ NETINFO_OBJECT_NAME_LENGTH = F$CVUI(0,8,
F$EXTRACT(21,1,WORK_STRING))
$! (NOTE E)
$ NETINFO_OBJECT_NAME == -
F$EXTRACT(22,NETINFO_OBJECT_NAME_LENGTH,WORK_STRING)
$ ENDIF
$!
$! IF THE OBJECT NUMBER CAN BE MAPPED TO A KNOWN NAME,
$! THEN DO SO
$!
$ NETINFO_KNOWN_OBJECT_NAME == ""
$ IF F$TYPE(OBJECTTABLE_'NETINFO_OBJECT_NUMBER') .EQS. "STRING"
$ THEN
$ NETINFO_KNOWN_OBJECT_NAME ==
OBJECTTABLE_'NETINFO_OBJECT_NUMBER'
$ ENDIF
$!
$! WHAT'S MY LOCAL PID, USERNAME, PROCESS AND NODENAME ?
$!
$ NETINFO_PID = F$GETJPI(0,"PID")
$ NETINFO_LOCAL_USERNAME = F$GETJPI(0,"USERNAME")
$ NETINFO_LOCAL_PROCESSNAME = F$GETJPI(0,"PRCNAM")
$ NETINFO_LOCAL_NODENAME = F$GETSYI("NODENAME")
$!
$! FORMAT THE OPCOM MESSAGE SIMILAR TO THE SECURITY ALARM
$!
$! THE REQUEST VERB ONLY TAKES LINES UP TO (ABOUT) 255 CHARACTERS
$! SO WE SEND THE DATA AS TWO MESSAGES, APPROXIMATELY 200 BYTES
$! EACH.
$!
$ WALL_CLOCK = F$TIME()
$! (NOTE F)
$ NETINFO_OUTPUT = -
F$FAO("!AS- NETWORK LOGIN REPORT!/EVENT
TIME:!_!_!AS!/",PROGRAM,WALL_CLOCK)
$ NETINFO_OUTPUT = NETINFO_OUTPUT + -
F$FAO("PID:!_!_!_!AS!_PROCESS NAME:!_!AS!/",-
NETINFO_PID,NETINFO_LOCAL_PROCESSNAME)
$ NETINFO_OUTPUT = NETINFO_OUTPUT + -
F$FAO("LOCAL USERNAME:!_!_!AS!/",NETINFO_LOCAL_USERNAME)
$ NETINFO_OUTPUT = NETINFO_OUTPUT + -
F$FAO("LOCAL NODENAME:!_!_!AS!/",NETINFO_LOCAL_NODENAME)
$!
$! THE SECURITY ALARM INCLUDES THE REMOTE NODENUMBER.
$! THIS CANNOT BE RETRIEVED WITHOUT
$! SYSPRV (VIA AN INDEXED DCL READ INTO
SYS$SYSTEM:NETNODE_REMOTE.DAT),
$! SO WE DON'T DO IT.
$!
$ NETINFO_OUTPUT = NETINFO_OUTPUT + -
F$FAO("REMOTE NODENAME:!_!AS!/",NETINFO_NODENAME)
$ NETINFO_OUTPUT = NETINFO_OUTPUT + -
F$FAO("REMOTE USERNAME:!_!AS!/",NETINFO_USERNAME)
$!
$! FEED THE FORMATTED TEXT TO REQUEST
$! 20-JAN-1993 09:11:14 -ldb request to security only ...
$!
$! LOG "SENDING MESSAGE 1, LENGTH=",F$LENGTH(NETINFO_OUTPUT)
$ write sys$output "''NETINFO_OUTPUT'" ! FIRST MESSAGE
$ REQUEST/TO=(SECURITY) "''NETINFO_OUTPUT'" ! FIRST MESSAGE
$!
$! DO IT AGAIN WITH THE REST OF THE DATA
$!
$ NETINFO_OUTPUT2 = -
F$FAO("!AS- NETWORK LOGIN REPORT (CONTINUED)!/EVENT
TIME:!_!_!AS!/",-
PROGRAM,WALL_CLOCK)
$ NETINFO_OUTPUT2 = NETINFO_OUTPUT2 + -
F$FAO("PID:!_!_!_!AS!_PROCESS NAME:!_!AS!/",-
NETINFO_PID,NETINFO_LOCAL_PROCESSNAME)
$ NETINFO_OUTPUT2 = NETINFO_OUTPUT2 + -
F$FAO("LOCAL LINK NUMBER:!_!SL!/",NETINFO_LINK_NUMBER)
$ NETINFO_OUTPUT2 = NETINFO_OUTPUT2 + -
F$FAO("OBJECT NUMBER:!_!_!SL",NETINFO_OBJECT_NUMBER)
$ IF NETINFO_KNOWN_OBJECT_NAME .NES. "" THEN -
NETINFO_OUTPUT2 = NETINFO_OUTPUT2 + -
F$FAO(" (!AS)",NETINFO_KNOWN_OBJECT_NAME)
$ NETINFO_OUTPUT2 = NETINFO_OUTPUT2 + F$FAO("!/")
$ IF NETINFO_OBJECT_NAME .NES. "" THEN -
NETINFO_OUTPUT2 = NETINFO_OUTPUT2 + -
F$FAO("OBJECT NAME:!_!_!AS!/",NETINFO_OBJECT_NAME)
$! LOG "SENDING MESSAGE 2, LENGTH=",F$LENGTH(NETINFO_OUTPUT2)
$! 20-JAN-1993 09:11:14 -ldb request to security only ...
$ REQUEST/TO=(SECURITY) "''NETINFO_OUTPUT2'" ! SECOND MESSAGE
$ write sys$output "''NETINFO_OUTPUT2'" ! SECOND MESSAGE
$!
$! DUMP ALL OF THE NETINFO SYMBOLS INTO NETSERVER.LOG
$! no, don't. -ldb 19-JAN-1993 05:21:44
$!
$! LOG "DUMPING CURRENT NETINFO SYMBOLS"
$! SHOW SYMBOL NETINFO*
$!
$! ANY SPECIAL PROCESSING COULD GO HERE
$!
$ @toolsdisk:[tools.com]firewall.com
$!
$! "CARTWRIGHT" IS USED AS AN EXAMPLE LOCAL USERNAME HERE.
$!
$! (NOTE K)
$!
$! EXAMPLE OF DISABLING FILE ACCESS FOR A PARTICULAR USER
$!
$! IF (NETINFO_LOCAL_USERNAME .EQS. "CARTWRIGHT") .AND. -
$! (NETINFO_KNOWN_OBJECT_NAME .EQS. "FAL")
$! THEN
$! WRITE SYS$OUTPUT "ACCESS TO FAL DENIED FOR USER CARTWRIGHT"
$! LOGOUT/FULL
$! ENDIF
$!
$! (NOTE M)
$!
$! EXAMPLE OF DISABLING SUBMIT/REMOTE ACCESS FOR A PARTICULAR USER
$!
$! IF (NETINFO_LOCAL_USERNAME .EQS. "CARTWRIGHT") .AND. -
$! (NETINFO_KNOWN_OBJECT_NAME .EQS. "FAL")
$! THEN
$! DEFINE SYS$BATCH "$NOT$A$REAL$BATCH$QUEUE$NAME$"
$! WRITE SYS$OUTPUT "ACCESS TO SUBMIT/REMOTE DENIED FOR USER
CARTWRIGHT"
$! ENDIF
$!
$! (NOTE N)
$!
$! EXAMPLE OF DISABLING OBJECT ZERO ACCESS FOR A PARTICULAR USER
$! ADDITIONAL CODE COULD BE ADDED TO TEST FOR "DIGITAL-RESERVED"
OBJECTS
$! (EXAMPLE: $MOM) IF YOU STILL WANT THOSE OBJECTS TO WORK
$!
$! IF (NETINFO_LOCAL_USERNAME .EQS. "CARTWRIGHT") .AND. -
$! (NETINFO_OBJECT_NUMBER .EQ. 0)
$! THEN
$! WRITE SYS$OUTPUT "ACCESS TO OBJECT ZERO DENIED FOR USER
CARTWRIGHT"
$! LOGOUT
$! ENDIF
$!
$! LOG "NORMAL EXIT"
$ EXIT
$!
$ SOS:
$!
$! IF A WARNING (OR WORSE) OCCURS, WE BOUNCE TO HERE
$!
$ SAVE_STATUS = $STATUS
$! 20-JAN-1993 09:11:14 -ldb request to security only ...
$ REQUEST/TO=(SECURITY) -
"''PROGRAM' - ABNORMAL EXIT, STATUS=''SAVE_STATUS'"
$! LOG "ABNORMAL EXIT, STATUS="+SAVE_STATUS
$ EXIT 'SAVE_STATUS
JBloggs
<wrig...@onetel.com> wrote:
> On an Alpha Running OpenVMS DECnet Plus (OSI) V8.2 please could anyone
>suggest a way of identifying all the DECnet traffic (particularly copy
>operations), with process name and the local /remote connection the process
>is making?
tracking the inbound connections is fairly easy,
I think tracking the outbound connections is a harder case
there's also this,(FAL$LOG) I haven't tried this with
DECnet Phase V/OSI, though.
Nick de Smith, 04-January-1994
nick NI...@NCDLAB.ULCC.AC.UK (preferred)
ni...@nick01.demon.co.uk (if you must) European DECUS OpenVMS
Chairman
Introduction to FAL logging ---------------------------
This document is extracted from the VMS listings CDs
(updated to V5.5-2).
The following describes the format and use of FAL logging
options which are specified via the logical names FAL$LOG
and FAL$OUTPUT. These are normally defined in the user's
LOGIN.COM file, but they can be placed in a group or system
logical name table to affect a larger class of remote file
access. FAL$LOG conveys logging and control directives to
FAL and FAL$OUTPUT is used to specify the name of the log
file to create in place of SYS$OUTPUT.
Note: Use of the logical names FAL$LOG and FAL$OUTPUT is
an UNSUPPORTED feature intended as a diagnostic, debugging
and performance monitoring tool for use by Digital. The
format and function of these logical names may change at any
time, or perhaps not be used in the future.
Note: Logging of information other than file name and
statistics (parameter bits <0>, <1> and <5>) can severly
reduce data throughput!!!
Syntax rules ------------ The primary function of the
logical name FAL$LOG is to request the logging of various
type of information about the file operations performed by
FAL. This includes identifying each file accessed,
displaying the Data Access Protocol (DAP) messages
exchanged, computing data throughput statistics, and logging
the logical link and mailbox QIO calls and subsequent
delivery of ASTs. Logging operations are requested through
the parameter bitmask value. A secondry use of the logical
name is to specify qualifiers the control various aspects of
FAL's operation such as determining buffer sizes or
disabling features. Currently, the format of the FAL$LOG
options string is:
[parameter][/qualifier-1,...qualifier-n]
where each qualifier is of the form keyword=value (e.g.
/BPM=20)
The parameter and qualifiers are optional. However, the
parameter if present must precede any qualifiers. In
addition, only the first three characters of a qualifier
keyword are examined to determine a match. Thus /DISABLE=xx
can be abbreviated to /DIS=xx. Spaces and tabs are ignored
and keywords can be entered using either upper or lower case
characters.
Parameter values ---------------- The parameter is a
hexadecimal bitmask used to specify FAL logging options. If
this parameter is non-zero (indicating that FAL logging
output will be generated), then an attempt will be made to
translate the logical name SYS$OUTPUT prior to opening the
log file. If FAL$OUTPUT is defined then its equivalence
string is used as the file specification of the log file;
otherwise logging output is directed to SYS$OUTPUT which
normally points to the default network log file named
SYS$LOGIN:NETSERVER.LOG. The bitmask definitions for the
parameter are as follows:
<0> Enable logging of file name and type of file access
requested. <1> Enable logging of data throughput and
other performance statistics. <2> Enable logging of
individual DAP messages are they are processed from the
input buffer or assembled in the output buffer. <3>
Enable logging of DAP message packet and mailbox AST routine
completions. <4> Enable logging of DAP message packet
and mailbox QIO requests. <5> Enable logging of internal
counters.
Qualifier values ---------------- The following qualifiers
are recognised, where 'd' denotes a decimal digit and 'x'
denotes a hexadecimal digit:
/DISABLE=xx (Disable FAL Options) where the bitmask value
denotes: <0> Disable DAP level CRC checksum generation
and comparison. Note that CRC checking will be automatically
disabled if the initiating node does not support DAP level
CRC generation. <1> Disable DAP level message blocking
in both directions. i.e. Transmit each DAP message in a
separate QIO system service call. <2> Disable RMS
multi-block caching to/from disk when block I/O file
transfer mode is in effect. This restores the pre-VMS V3.4
block I/O processing behaviour of FAL where each DAP data
message resulted in one RMS $READ or $WRITE call to be
executed. Note also that selection of this option eliminates
one MOVC5 copy of the data in memory at the expense of
greatly increasing the number of RMS I/O operations
performed during file transfer. <3> Disable poor-man's
routing. i.e. have FAL reject any file specification it
receives that contains a node name. <4> Disable parsing
of the requested file name or resultant file name before it
is sent to the log file. <5..7> Undefined.
/ENABLE=xx (Enable FAL Options) where the bitmask value
denotes: <0..7> Undefined.
/BPM=ddddd (Bytes Per Message) This is the maximum number of
bytes per DAP message to display (used only if parameter
bit <2> is set). The default value is 20 bytes per message.
/BPL=dd (Bytes Per Line) This is the maximum number of bytes
per line to display when dumping a DAP message. (used only
if parameter bit <2> is set). The default value is 20 bytes
per line.
/RBK_CACHE=ddd (RMS Multi-block cache Size) This controls
the number of disk blocks per RMS $READ or $WRITE call to
transfer when block I/O file transfer mode is selected (if
bit <2> of the /DISABLE option is set, this option is
ignored). The number can be from 1 to 127. The default is
64.
/DBS=ddddd (DAP Buffer Size) Requests FAL to send this value
in the DAP configuration message for the <BUFSIZ> field.
/SYSTEM_ID=xxxx (System Identification) Requests FAL to send
this value in the DAP configuration message for the
<FILESYS><OSTYPE> fields (the OSTYPE field is the low order
byte of the value).
/VERSION=xxxxxxxx (DAP Version Number) Requests FAL to send
this value in the DAP configuration message for the
<DECVER><USRNUM><ECONUM><VERNUM> fields (the VERNUM field is
the low order byte of the value).
/SC1=xxxxxxxx (System Capabilities Part 1) Requests FAL to
send this value in the DAP configuration message for bits
<0..31> of the <SYSCAP> field.
/SC2=xxxxxxxx (System Capabilities Part 2) Requests FAL to
send this value in the DAP configuration message for bits
<32..63> of the <SYSCAP> field.
Note that any qualifier that cannot be interpreted or that
contains an invalid value is ignored and a parse error
message is written to the log file.
Examples -------- The following DCL commands illustrate how
FAL logging options may be set up in one's LOGIN.COM file.
$ ASSIGN 1 FAL$LOG
The above command enables the logging of file name and type
of access in the default network log file NETSERVER.LOG.
$ ASSIGN 3 FAL$LOG $ ASSIGN FAL.LOG FAL$OUTPUT
This requests logging of file name, type of access, and data
throughput statistics in SYS$LOGIN:FAL.LOG.
$ ASSIGN "3/RBK_CACHE=16/DBS=1056" FAL$LOG $ ASSIGN
some-file-name FAL$OUTPUT
The above definitions are used to gather data throughput
statistics in the specified log file while altering buffer
sizes.
$ ASSIGN "7/bpm=80" FAL$LOG
This definition causes the first 80 bytes of each DAP
message to be dumped and file identification and statistics
to be displayed in the log file.
$ ASSIGN 7_50 FAL$LOG
Same as the previous example, except the VMS V3.n parameter
format of xx_yyyy is used where yyyy is the number of bytes
per DAP message to display expressed as a hexadecimal value.
$ ASSIGN "/DISABLE=8" FAL$LOG
This disables poor-man's routing which prevents users from
using FAL as a pass-through object on this node.
$ ASSIGN "2F" FAL$LOG
This enables all FAL logging options excluding qualifier
control options.
[end]
Peter 'EPLAN' LANGSTOeGER
> On an Alpha Running OpenVMS DECnet Plus (OSI) V8.2 please could anyone
>suggest a way of identifying all the DECnet traffic (particularly copy
>operations), with process name and the local /remote connection the process
>is making?
Have you looked into the CONNECTION audit?
$ SET AUDIT/ENABLE=CONNECTION/...
--
Peter "EPLAN" LANGST�GER
Network and OpenVMS system specialist
E-mail Pe...@LANGSTOeGER.at
A-1030 VIENNA AUSTRIA I'm not a pessimist, I'm a realist