InetPowerServer - Electronic
Documentation
|

3. System configuration
This document will guide you through the information needed to configure
your IPS server.
Directory structure
The IPS distribution .ZIP is packed with a first level directory of ips\
(for OS/2 or Windows NT version) and each new version can safely be extracted
over the old one since all configuration, script and message example files
are packed within the doc\ sub-directory. You should however check your
setup against the one provided under doc\ before restarting your server
with the new version.
The directory ips\ is called the IPS-root and has the following sub-directory
structure:
Path |
Description |
\
|
IPS root directory, the directory name below this level
is ips2\ for the OS/2 version, and ips32\ for
the Windows NT version. |
\file_id.diz
|
Archive information file. |
\setupos2.cmd
\setupw32.bat
|
Rexx script (OS/2) or batch file (Windows) used for first-time
setup or to recreate program folder and icons. |
\startips.bat
\startips.cmd
|
Rexx script (OS/2) or batch file (Windows) used to start
the IPS server from the command line. |
\bin\
|
IPS executables. |
\bin\history.*
|
Rexx script or batch file called by \startips.cmd to archive
old log files. This file is automatically created by IPS. |
\bin\ips*.exe
|
Main IPS executable currently in use. File name is ips2.exe
for the OS/2 version and ips32.exe for the Windows NT version. |
\bin\ips*old.exe
|
Backup copy of last file replaced by the update.cmd script. |
\bin\ips*upd.exe
|
New copy to be used on next server restart. |
\bin\pwd2.exe
\bin\pwd32.exe
|
Program to generate encrypted passwords. |
\bin\chgrp.exe
\bin\chmod.exe
\bin\chown.exe
\bin\ls.exe
|
Ports of UNIX based GNU utilities modified to work with
the IPS access system. Only supported by OS/2 version of IPS. |
\bin\ico\
|
IPS icon files. |
\cfg\
\cfg\main\
\cfg\main\users\
\cfg\main\groups\
|
InetPowerServer configuration. |
\doc\
|
InetPowerServer documentation, this directory includes
several sub-directories with the default configuration example. |
\log\
|
Directory where your log files are written. |
\msg\
|
Directory where your multiple-line response files are placed. |
\scr\
|
Directory for your RexxHook scripts. Currently only supported
by OS/2 version. |
Configuration files
All IPS configuration files are AscII based text files divided into sections,
each section has a number of parameters. An example file could look like
this:
[SECTION1]
Param1: Test
Param2: 321
[SECTION2]
Param2: Some value
Param1: This good
|
Services
\cfg\ips.cfg
This is the main IPS configuration file. This file just has to exist.
\cfg\[cfggrp]\[cfggrp].cfg
For each sub-directory IPS find below \cfg\ it assume that it include another
configuration group. A configuration group is a method of defining multiple
different users/groups setups for sites with multiple-home setup. Each
of these sub-directories must have a group configuration file with the
same name as the directory and an extension of .cfg.
Group configuration files are made up by one [GLOBAL], one [ACCESS],
one [SERVICES] and one or more service specific sections.
[GLOBAL] section example:
[GLOBAL]
SiteDescription: Example IPS powered site
SiteAdminUser: Admin
SiteAdminMail: Admin@site.com
UserDirectory: cfg/main/users
GroupDirectory: cfg/main/groups
HomeDirectoryRoot: /e/home
|
[GLOBAL] section parameters:
Parameter |
Description |
Default |
SiteDescription |
Informational text describing your site. |
none |
SiteAdminUser |
UserID for the main administrative user. Also known as
root on UNIX systems. |
none |
SiteAdminMail |
E-mail address for the main administrative user. |
none |
UserDirectory |
Directory for the user files, relative to IPS-root or absolute.
OS format. |
none |
GroupDirectory |
Directory for the group files, relative to IPS-root or
absolute. OS format. |
none |
HomeDirectoryRoot |
Root directory for the users home directories. UNIX format. |
none |
[ACCESS] section example:
[ACCESS]
e:/pub/incoming/*;admin;users;773;001
e:/pub/*;admin;users;755;000
e:/home/admin/*;admin;users;700;000
*;admin;users;111;000
|
[ACCESS] section parameters:
This format is also used for the [ACCESS] section in the user files.
Parameter |
Description |
Example value |
PathMask |
Mask which must match to make this access line active |
e:/pub/incoming/* |
Owner |
UserID of the user given the owner rights of this access
line. Also known as the owner of the items. |
admin |
Group |
GroupID of whose members are give the group rights of this
access line. |
users |
UnixAccess |
UNIX style access numbers. This number consist of three
digits one for each of the owner, group and other settings; meaning that
the user Owner is given the access of the first digit, users which are
members of the Group are giving the access of the second digit, and all
other users are given the access of the third and last digit.
Each digit are made added together from these accesses:
1=Execute (or list) access
2=Write access
4=Read access.
|
773 |
ExtendedAccess |
Special IPS additions to the standard UNIX accesses. Works
the same way as above with one digit for owner, group and other.
Available extended accesses include:
1=Limit delete.
|
001 |
[SERVICES] section example:
[SERVICES]
TELNETD
FTPD
SMTPD
POP3D
|
The [SERVICES] section is really simple, it only consists of a list
of the service-section's to search the file for. First entry here tell
IPS to find a service-section identified by [TELNETD] somewhere in this
file.
Parameters common for all service-sections example:
[service-section]
Protocol:
Address:
Port:
Host:
LogFile:
LogFlag:
DebugFlag:
|
-
Parameters common for all service-sections:
Parameter |
Description |
Default |
Host |
Host name this service should identify itself as. |
none |
Protocol |
What protocol should this services
run. Possible choices are:
telnetd for shell login
ftpd for File Transfer Protocol (rfc959)
smtpd for Simple Mail Transfer Protocol (rfc821)
pop3d for Post Office Protocol - Version 3 (rfc1939)
|
none |
Address |
Optional parameter used to select which IP address the
service should listen on for multiple homed setup on a machine with multiple
IP addresses. The address should be specified in as four decimal numbers
separated with only a dot. |
Any IP address |
Port |
Optional parameter used to run services on non-standard
ports. Please keep in mind that many fire-walls could block users for accessing
services on non-standard ports. |
Protocol dependent:
ftpd 21
telnetd 23
smtpd 25
pop3d 110
|
Timeout |
Time in seconds the connection can be inactive before it
is closed. |
none |
LogFile |
Name of file to log all activity on this service. This
file should always have the default extension of .log. |
none |
LogFlag |
Level of logging to perform. These levels are Protocol
dependent. |
none |
DebugFlag |
Level of debug logging to perform. This is added together
from these levels;
1=Incoming commands
2=Outgoing command replies
4=Long commands or replies
8=Trace internals
Level 8 should only be used if requested by support personnel. |
none |
FTP services
Parameter |
Description |
Default |
RootDirectory |
Basic root directory of FTPd. UNIX format. |
none |
MaxUserBandwidth |
Maximum retrieve bandwidth for each normal user session. |
none |
MaxAnonBandwidth |
Maximum retrieve bandwidth for each guest session. |
none |
TimeoutMax |
Maximum time-out allowed by SITE IDLE command. |
none |
WelcomeFile |
Path of initial welcome files. OS format. |
none |
HideIfNoAccess |
Hide files and directories which the user has no access
to from directory listings. |
none |
rxOnConnect |
Path of RexxHook called when a new user connects. Script
should return 0 if connection are ok, or a response if not. |
none |
rxOnCommand |
Path of RexxHook called when each command is received before
it is executed. Script should return 0 or a changed command line. |
none |
rxOnPass |
Path of RexxHook called when the password for a guest session
is received. Script should return 0 if ok, or a response to reject the
log-in. |
none |
rxOnRetr |
Path of RexxHook called before a file is sent to the user.
Script should return 0 if the transfer are to proceed, and a response if
it is rejected. |
none |
rxOnSite |
Path of RexxHook called before executing internal SITE
commands, this script could return 0 to allow internal execution of the
command or it could reject it by returning a response. |
none |
rxOnStor |
Path of RexxHook called before a file is received from
the user. Script should return 0 if the transfer are to proceed, and a
response if it is rejected. |
none |
rxOnUser |
Path of RexxHook called after a user name is received and
a user file found. Script should return 0 if log-in are ok, a response
to reject. |
none |
-
SMTP services
Parameter |
Description |
Default |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
-
POP3 services
RexxHooks
System Variables
IPS has a lot of variables available for getting more information from
a running server. These variables can be used in system texts, response
files and RexxHook-scripts. To identify a variable you have to insert the
variable name within two percent signs in your text.
So, to insert the make a string with the current IPS version you could
make something like this:
"This site is running InetPowerServer/2 %(vers)"
System wide FIB procedures
cfg(file,section,ident)
fill(text,size[,pad])
System wide read-only variables
ctid Client TID.
date Current date.
time Current time.
uptime Server uptime string.
vers IPS version.
vers.compile IPS version compilation date/time.
FTP session read-only variables
connectduration Duration of current session (seconds).
connecttime Starttime of session (seconds since 1980).
configfile Path of service configuration file.
configsection Section in service configuration file.
curdir Directory of current session.
curdisk Root and current directory of current session in OS format.
curpath Full path of current/last file/directory action.
curroot Root directory of current session.
debugflag Debugflag from the group configuration file.
idle Current time idle.
logfile LogFile from the group configuration file.
logflag LogFlag from the group configuration file.
password Password typed by Anonymous user.
recv Files received from user this session.
recvkb KBytes received from user this session.
remotehost Client host name.
remoteip Client IP address.
sent Files sent to user this session.
sentkb KBytes sent to user this session.
sock Main socket of current session.
sock.next Main socket of next session.
sock.prev Main socket of previous session.
status Status of session.
timeout Idle time-out value of current session.
timeoutmax TimeoutMax from the group configuration file.
type Transfer type setting of current session.
usr.admin Administrative user.
usr.anon Anonymous user.
usr.recv Files received from user.
usr.recvkb KBytes received from user.
usr.sent Files sent to user.
usr.sentkb KBytes sent to user.
usr.username Name of user in current session.