InetPowerServer - Electronic Documentation


3. System configuration

This document will guide you through the information needed to configure your IPS server.

Directory structure

The IPS distribution .ZIP is packed with a first level directory of ips2\ or ips32\ (for OS/2 or Windows NT version) and each new version can safely be extracted over the old one since all configuration, script and message example files are packed within the doc\ sub-directory. You should however check your setup against the one provided under doc\ before restarting your server with the new version.

The directory ips2\ or ips32\ is called the IPS-root and has the following sub-directory structure:

Path

Description

\

IPS root directory, the directory name below this level is ips2\ for the OS/2 version, and ips32\ for the Windows NT version.

\file_id.diz

Archive information file.

\setup.cmd

Rexx script used for first-time setup or to recreate program folder and icons.

\startips.cmd

Rexx script used to start the IPS server from the command line.

\bin\

IPS executables.

\bin\history.cmd

Rexx script or batch file called by \startips.cmd to archive old log files.

\bin\ips*.exe

Main IPS executable currently in use. File name is ips2.exe for the OS/2 version and ips32.exe for the Windows NT version.

\bin\ips*old.exe

Backup copy of last file replaced by the update.cmd script.

\bin\ips*upd.exe

New copy to be used on next server restart.

\bin\password.exe

Program to generate encrypted passwords.

\bin\update.cmd

Rexx script or batch file called by \startips.cmd to perform program version switch.

\bin\chgrp.exe
\bin\chmod.exe
\bin\chown.exe
\bin\ls.exe

Ports of UNIX based GNU utilities modified to work with the IPS access system.

\bin\ico\

IPS icon files.

\cfg\
\cfg\main\
\cfg\main\users\
\cfg\main\groups\

InetPowerServer configuration.

\doc\

InetPowerServer documentation, this directory includes several sub-directories with the default configuration example.

\log\

Directory where your log files are written.

\msg\

Directory where your multiple-line response files are placed.

\scr\

Directory for your RexxHook scripts.

Configuration files

All IPS configuration files are AscII based text files divided into sections, each section has a number of parameters. An example file could look like this:

[SECTION1]
Param1: Test
Param2: 321

[SECTION2]
Param2: Some value
Param1: This good

Services

\cfg\ips.cfg

This is the main IPS configuration file. This file just has to exist.

\cfg\[cfggrp]\[cfggrp].cfg

For each sub-directory IPS find below \cfg\ it assume that it include another configuration group. A configuration group is a method of defining multiple different users/groups setups for sites with multiple-home setup. Each of these sub-directories must have a group configuration file with the same name as the directory and an extension of .cfg.

Group configuration files are made up by one [GLOBAL], one [ACCESS], one [SERVICES] and one or more service specific sections.

[GLOBAL] section example:
[GLOBAL]
SiteDescription: Example IPS powered site
SiteAdminUser: Admin
SiteAdminMail: Admin@site.com
UserDirectory: cfg/main/users
GroupDirectory: cfg/main/groups
HomeDirectoryRoot: /e/home

[GLOBAL] section parameters:

Parameter

Description

Default

SiteDescription

Informational text describing your site.

none

SiteAdminUser

UserID for the main administrative user. Also known as root on UNIX systems.

none

SiteAdminMail

E-mail address for the main administrative user.

none

UserDirectory

Directory for the user files, relative to IPS-root or absolute. OS format.

none

GroupDirectory

Directory for the group files, relative to IPS-root or absolute. OS format.

none

HomeDirectoryRoot

Root directory for the users home directories. UNIX format.

none



[ACCESS] section example:
[ACCESS]
e:/pub/incoming/*;admin;users;773;001
e:/pub/*;admin;users;755;000
e:/home/admin/*;admin;users;700;000
*;admin;users;111;000
[ACCESS] section parameters:

This format is also used for the [ACCESS] section in the user files.

Parameter

Description

Example value

PathMask

Mask which must match to make this access line active

e:/pub/incoming/*

Owner

UserID of the user given the owner rights of this access line. Also known as the owner of the items.

admin

Group

GroupID of whose members are give the group rights of this access line.

users

UnixAccess

UNIX style access numbers. This number consist of three digits one for each of the owner, group and other settings; meaning that the user Owner is given the access of the first digit, users which are members of the Group are giving the access of the second digit, and all other users are given the access of the third and last digit.

Each digit are made added together from these accesses:

  1=Execute (or list) access
  2=Write access
  4=Read access. 

773

ExtendedAccess

Special IPS additions to the standard UNIX accesses. Works the same way as above with one digit for owner, group and other.

Available extended accesses include:

  1=Limit delete. 

001

[SERVICES] section example:
[SERVICES]
TELNETD
FTPD
SMTPD
POP3D



The [SERVICES] section is really simple, it only consists of a list of the service-section's to search the file for. First entry here tell IPS to find a service-section identified by [TELNETD] somewhere in this file.

Parameters common for all service-sections example:
[service-section]
Protocol:
Address:
Port:
Host:
LogFile:
LogFlag:
DebugFlag:


Parameters common for all service-sections:

Parameter

Description

Default

Host

Host name this service should identify itself as.

none

Protocol

What protocol should this services run. Possible choices are:

  telnetd for shell login
  ftpd    for File Transfer Protocol           (rfc959)
  smtpd   for Simple Mail Transfer Protocol    (rfc821)
  pop3d   for Post Office Protocol - Version 3 (rfc1939) 

none

Address

Optional parameter used to select which IP address the service should listen on for multiple homed setup on a machine with multiple IP addresses. The address should be specified in as four decimal numbers separated with only a dot.

Any IP address

Port

Optional parameter used to run services on non-standard ports. Please keep in mind that many fire-walls could block users for accessing services on non-standard ports.

Protocol dependent:

  ftpd     21
  telnetd  23
  smtpd    25
  pop3d   110

Timeout

Time in seconds the connection can be inactive before it is closed.

none

LogFile

Name of file to log all activity on this service. This file should always have the default extension of .log.

none

LogFlag

Level of logging to perform. These levels are Protocol dependent.

none

DebugFlag

Level of debug logging to perform. This is added together from these levels;

  1=Incoming commands
  2=Outgoing command replies
  4=Long commands or replies
  8=Trace internals

Level 8 should only be used if requested by support personnel.

none



FTP services

Parameter

Description

Default

RootDirectory

Basic root directory of FTPd. UNIX format.

none

MaxUserBandwidth

Maximum retrieve bandwidth for each normal user session.

none

MaxAnonBandwidth

Maximum retrieve bandwidth for each guest session.

none

TimeoutMax

Maximum time-out allowed by SITE IDLE command.

none

WelcomeFile

Path of initial welcome files. OS format.

none

HideIfNoAccess

Hide files and directories which the user has no access to from directory listings.

none

rxOnConnect

Path of RexxHook called when a new user connects. Script should return 0 if connection are ok, or a response if not.

none

rxOnCommand

Path of RexxHook called when each command is received before it is executed. Script should return 0 or a changed command line.

none

rxOnPass

Path of RexxHook called when the password for a guest session is received. Script should return 0 if ok, or a response to reject the log-in.

none

rxOnRetr

Path of RexxHook called before a file is sent to the user. Script should return 0 if the transfer are to proceed, and a response if it is rejected.

none

rxOnSite

Path of RexxHook called before executing internal SITE commands, this script could return 0 to allow internal execution of the command or it could reject it by returning a response.

none

rxOnStor

Path of RexxHook called before a file is received from the user. Script should return 0 if the transfer are to proceed, and a response if it is rejected.

none

rxOnUser

Path of RexxHook called after a user name is received and a user file found. Script should return 0 if log-in are ok, a response to reject.

none


SMTP services

Parameter

Description

Default




















POP3 services



RexxHooks



System Variables

IPS has a lot of variables available for getting more information from a running server. These variables can be used in system texts, response files and RexxHook-scripts. To identify a variable you have to insert the variable name within two percent signs in your text.

So, to insert the make a string with the current IPS version you could make something like this:

"This site is running InetPowerServer/2 %(vers)"

System wide FIB procedures

cfg(file,section,ident)
fill(text,size[,pad])

System wide read-only variables

ctid               Client TID.
date               Current date.
time               Current time.
uptime             Server uptime string.
vers               IPS version.
vers.compile       IPS version compilation date/time.

FTP session read-only variables

configfile         Path of service configuration file.
configsection      Section in service configuration file.
curdir             Directory of current session.
curdisk            Root and current directory of current session in OS format.
curpath            Full path of current/last file/directory action.
curroot            Root directory of current session.
debugflag          Debugflag from the group configuration file.
idle               Current time idle.
logfile            LogFile from the group configuration file.
logflag            LogFlag from the group configuration file.
password           Password typed by Anonymous user.
recv               Files received from user this session.
recvkb             KBytes received from user this session.
remotehost         Client host name.
remoteip           Client IP address.
sent               Files sent to user this session.
sentkb             KBytes sent to user this session.
sock               Main socket of current session.
sock.next          Main socket of next session.
sock.prev          Main socket of previous session.
status             Status of session.
timeout            Idle time-out value of current session.
timeoutmax         TimeoutMax from the group configuration file.
type               Transfer type setting of current session.
usr.admin          Administrative user.
usr.anon           Anonymous user.
usr.recv           Files received from user.
usr.recvkb         KBytes received from user.
usr.sent           Files sent to user.
usr.sentkb         KBytes sent to user.
usr.username       Name of user in current session.