ibmi-brunch-learn

Announcement

Collapse
No announcement yet.

Bypassing FTP

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Bypassing FTP

    Hello

    I tried researching this and I couldn?t find anything

    We are running our DR test next month, during the test will be running all our normal jobs and some of these include FTP. We don?t want files to be FTP?d anywhere.

    In the past we renamed the FTP and STRTCPFTP commands which works but all the job that try to FTP go on MSGW and we have to reply to the MSGW for the job to continue.

    My question is Is there another way to do this without having to rename the commands so the jobs will not go on MSGW but the file transfer will not happen?

    Thanks a lot

  • #2
    You could try locking the FTP port being used for transmission (go cfgTcp, option 4).

    However, I don't know what error will be thrown by that, and therefore could possibly still end up with your programs in MSGW.

    Walt

    Comment


    • #3
      Could you create a new library and place that at the top of the system LIBL during your tests with a pretend FTP command - a command that called a program that did nothing?

      Comment


      • #4
        John's command could send a message to QSYSOPR or a log file saying that the FTP command had been run and with what parameters. Then you know it would have run.

        Comment


        • #5
          Just change the programs that call The FTP command to test for RTVNETA SYSNAME(&SYSNAME) if its the DR(SYSNAME) ENDPGM.

          Comment


          • #6
            We've done something like that. We have different libraries depending on the environment (Production, User Testing, Development) . If we have an FTP that can't be sent during a test, we check the environment so it only runs the command for Production. Sometimes we use a parameter in the CL to indicate the environment; sometimes we find out the library that is holding a specific file that must be there. We're nothing if not not consistent!


            Comment


            • #7
              Tom Wheeler wrote: "Just change the programs that call The FTP command to test for RTVNETA SYSNAME(&SYSNAME) if its the DR(SYSNAME) ENDPGM."

              When we do a DR test, our system name doesn't change...maybe retrieve IP address instead?

              Cheers,

              Emmanuel

              Comment


              • #8
                If you don't anybody to access the system via FTP simply end the service.

                ENDTCPSVR SERVER(*FTP)

                You can use CHGFTPA AUTOSTART(*NO) to have FTP not start up automatically.

                Comment


                • #9
                  Originally posted by Rocky View Post
                  If you don't anybody to access the system via FTP simply end the service.

                  ENDTCPSVR SERVER(*FTP)

                  You can use CHGFTPA AUTOSTART(*NO) to have FTP not start up automatically.
                  That would not stop outgoing FTP. That server only does incoming FTP.

                  Comment


                  • #10
                    I would use object level security rather than renaming the object... and if you have access to the source put MONMSG on the FTP statements.

                    Or - in my case I use Cilasoft and I can open up or restrict using any service, including FTP client, by utilizing appropriate rules.

                    Comment

                    Working...
                    X