Operating System - OpenVMS
1839148 Members
2706 Online
110136 Solutions
New Discussion

Re: Tracking TCPIP SHOW DEVICE_SOCKETS to specific session

 
SOLVED
Go to solution
Richard W Hunt
Valued Contributor

Tracking TCPIP SHOW DEVICE_SOCKETS to specific session

Our security folks sometimes get a little crazy about TCP/IP security. They want to be able to trace a port number to a specific user and process. Unfortunately, what you get from the TCPIP SHOW DEVICE_SOCKETS command is BG devices, but what I REALLY want is to be able to tie the BG devices back to the corresponding TNA (pseudo-terminal) devices linked to and fed by the BGs.

The problem is that TNA devices have owners. BG devices, despite being active devices, do not. (Do a SHOW DEVICE/FULL TNA and compare it to a SHOW DEVICE/FULL BG to see the differences between the two.)

Short of writing privileged code to track an address chain through the device database, a prospect that doesn't enthrall me, is there a command that lets me track this linkage from a command-line prompt?
Sr. Systems Janitor
5 REPLIES 5
Åge Rønning
Trusted Contributor
Solution

Re: Tracking TCPIP SHOW DEVICE_SOCKETS to specific session

The port number you see when typing "show us/f" should correspond to the port you get in TCPIP SHOW DEV if I remember correctly.
VMS Forever
Willem Grooters
Honored Contributor

Re: Tracking TCPIP SHOW DEVICE_SOCKETS to specific session

It requires a number of lists:

$ SHOW DEV/FULL TNA - gives owning process data (name, Id, account) for each TNA device.

$ SHOW PROCESS/ID=
This will give you terminalnumber, remote host and portnumber for this process

$ TCPIP SHO DEV/FULL
search this list for remote host and port - and you'll have the BG device as well.

See attachment for an example.





Willem Grooters
OpenVMS Developer & System Manager
Antoniov.
Honored Contributor

Re: Tracking TCPIP SHOW DEVICE_SOCKETS to specific session

Look this example:
$ SAY="WRITE SYS$OUTPUT"
$ A = 0
$MLOOP:
$ PN=F$PID(A)
$ IF PN .EQS. "" THEN GOTO END_LOOP
$ PPID :== 'PN'
$! Only interactive user
$ MODE=F$GETJPI(PPID,"MODE")
$ IF MODE.NES."INTERACTIVE" THEN GOTO MLOOP
$! Only telnet session
$ VT=F$GETJPI(PPID,"TERMINAL")
$ IF VT.EQS."" THEN GOTO MLOOP
$ IF F$EXTR(0,3,VT).NES."TNA" THEN GOTO MLOP
$ REMOTE=F$GETDVI(VT,"TT_ACCPORNAM")
$ REM_IP=F$ELEM(1," ",F$EDIT -(REMOTE,"COMPRESS"))
$! Now display Proc.ID, Terminal and Remote data
$ SAY PPID," ",VT," ",REMOTE," ",REM_IP,"!"
$ GOTO MLOOP
$END_LOOP:
$ EXIT
This is only an example. This command procedure don't work id you have define PC as host (TCPIP DEF HOST ...)

Bye
Antoniov

Antonio Maria Vigliotti
Ian Miller.
Honored Contributor

Re: Tracking TCPIP SHOW DEVICE_SOCKETS to specific session

As has been said several commands are required. The procedure I use can be found here
http://dcl.openvms.org/stories.php?story=03/06/03/0226504
____________________
Purely Personal Opinion

Re: Tracking TCPIP SHOW DEVICE_SOCKETS to specific session

hi Antoniov,

it will work better with

$ IF F$EXTR(0,3,VT).NES."TNA" THEN GOTO MLOOP

and

$ REM_IP=F$ELEM(1," ",F$EDIT(REMOTE,"COMPRESS"))

:P

just my 2 cents