Thanks, I didn't know about that TN3270 LU Exit.
Related: We coded an FTP exit many years ago to WTO the client IP
address of each connection, and by an odd coincidence only a few days
later a certain userid was revoked due to bad password attempts. We
looked through RACF SMF records and found it was revoked by the FTP
task, but that didn't help much until we found the IP address in the
WTO. That lead us to a consultant doing some internal instrusion
testing. I think we would have been stuck guessing without the display.
Brian Westerman wrote:
It would depend upon which IP's you are trying to keep track of. You can control the outside IP's as to which which inside LU's they are allowed to use and you can assign them one to one if you wish via LUGROUP and LUMAP in your TN3270 profile.
If you don't want to "control" who gets what, and only wish to monitor what incoming
IP's are coming in, assuming they are going ot get an LU at some point (and what LU they get
if you want), then you can use the TN3270 LU exit, which has the incoming IP in Register 1
when the function code in Register 0 is "01- assign). At that point in time you could
generate a WTO of the parts you're interested in, or generate an SMF record (sort of like
FTCHKIP does for FTP).
To better answer your question you would need to provide more information on just what it is you
are trying to accomplish. If you just want to "know" what IP's are coming in at all
times, then I have to submit that it's almost foolish to do so because while it might be
interesting for a couple minutes to look at it, but after a while it would likely be ignored and
someone (rightly so) would probably exclude your WTO in MPFLSTxx. If you are doing it to be able
to exert some control over the functionality and "who (which IP) gets in to go where",
then there are already really good controls built-in filters in TCP do do that, (including the
TN3270 ones I mentioned above). There are filters that you can use and act on.
If you just want to know what IPs are coming in right now and where they are going to
(application wise), then you can get that from a simple "NETSTAT CONN" command.
So without knowing more of what you are trying to get and use, it's hard to
give you help.
Brian
On Wed, 21 Mar 2018 09:02:33 +0800, ibmmain <ibmm...@foxmail.com> wrote:
Hi all
We want to monitor which 3270 terminal (ip address) every TSO user logon on .
Could you help us?
Thanks a lot !
Jason Cai
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
