InetPowerServer Electronic Documentation

Table of Contents

1 Introduction to InetPowerServer

1.1 Service features

1.1.1 FTP service features

1.1.2 POP service features

1.1.3 SMTP service features

1.1.4 TELNET service features

2 System configuration

2.1 Directory structure

2.2 Configuration files

2.2.1 Group configuration file

2.2.2 Language configuration files

2.3 User files

2.4 RexxHooks

2.5 System Variables

2.5.1 System wide FIB procedures

2.5.2 System wide read-only variables

2.5.3 FTP session read-only variables

2.5.4 SMTP session read-only variables

2.5.5 POP3 session read-only variables

3 Last minute changes

4 Development history

5 Support/Contact Information

5.1 Mailing list

5.2 Internet Relay Chat (IRC)

5.3 FTP site

5.4 Author directly

6 Credits



1 Introduction to InetPowerServer

InetPowerServer (IPS) is a powerful server for standard Internet services like file transfers and e-mail for OS/2 or Windows NT operating systems. The OS/2 version is called InetPowerServer/2 (IPS/2) and the Windows NT version is called InetPowerServer/32 (IPS/32). Both versions utilizes full multithreading and will run well on SMP systems as well as single CPU machines.

IPS is written by Terje Flaarønning using Virtual Pascal v2.0 by fPrint.

IPS follows the current Internet standards for the implemented services. And client applications will "see" IPS just a the same services on a UNIX server. A list of the currently supported services and their level of implementation can be found in the history chapter.

The idea behind IPS is a powerful and flexible server. All configuration files are text files which can be edited by any text editor, even the user data base is based on text files. Very powerful scripting is also provided by the support for REXX built into IPS (OS/2 version only). In addition to this IPS provide a full UNIX alike security system down to a per file level. "chown", "chgrp", "chmod" and "ls" UNIX style utilities are included with IPS.

IPS feature list include:



1.1 Service features

Service protocol

Specifications(s) followed

Comments

FTPd

rfc959

Most of rfc959 is supported. Also additional features are available.

POP3d

rfc1939


TELNETd

rfc854


SMTPd

rfc821




1.1.1 FTP service features

The following FTP commands are implemented according to various rfc's:

Command

Date

Access

Notes

ABOR

1999/05/16

---


ACCT

Not implemented


			


ALLO

Not implemented


			


APPE

1999/05/16

rw-


CDUP, XCUP

1999/05/16

--x


CWD, XCWD

1999/05/16

--x


DELE

1999/05/16

rw-


FEAT

1999/05/16

---

As defined in rfc2389

HELP

1999/05/16

---


LIST

1999/05/16

--x


MDTM

1999/05/16

r--


MKD, XMKD

1999/05/16

-wx


MODE

1999/05/16

---


NOOP

1999/05/16

---


PASS

1999/05/16

---


PASV

1999/05/16

---


PORT

1999/05/16

---


PWD, XPWD

1999/05/16

---


REIN

1999/05/16

---


REST

1999/05/16

---


RETR

1999/05/16

r--


RNFR

1999/05/16

rw-


RNTO

1999/05/16

-w-


RMD, XRMD

1999/05/16

-wx


SMNT

Not implemented


			


SITE

1999/05/16

---


SIZE

1999/05/16

r--

Not implemented for sub-directories

STAT

Not implemented


			


STOR

1999/05/16

-w-


STOU

Not implemented


			


STRU

Not implemented


			


SYST

1999/05/16

---


TYPE

1999/05/16

---


USER

1999/05/16

---




Special IPS commands

Command

Date

Access

Description

SITE IDLE

1999/05/16

Any user

Change current idle time-out.

SITE LANG

1999/05/16

Any user

Change current response language.

SITE PASS

1999/05/16

Any user with ChangePassword setting enabled

Change password.

SITE RADM KILL

1999/05/16

Administrator

Kill listed sockets.

SITE RADM LIST SOCKETS

1999/05/16

Administrator

List active sockets.

SITE RADM LIST SERVICES

1999/05/16

Administrator

List active services.

SITE RADM MONITOR

1999/05/16

Administrator

Start a real-time site monitor.

SITE RADM RESTART

1999/05/16

Administrator

Restart IPS when all sockets are closed or at once if done twice.

SITE RADM SHUTDOWN

1999/05/16

Administrator

Shutdown IPS when all sockets are closed or at once if done twice.

SITE WHO

1999/05/16

Any user

List active sockets.

SITE XIPS XCMD

1999/05/16

Any user

Active IPS specific extended command connection.


SITE XIPS XCMD

After issued this setting will make IPS send various information on the control connection even if they are not a response to a specific command. Well activated, the session using this feature is no longer rfc compliant.

The responses sent after this is enables has the format:

IPS <command>|<code>|<parameter>|

<command> is the FTP command this response shall be associated with.
<code> is the sub-code.
<parameter> is a response specific value.

There may be any number of parameters, and extra parameters can be added to responses without further notice. Each parameter is always terminated with a | (pipe) character.

Defined extended command responses are:

Command

Response

Description

APPE
IPS APPE|0|<xfered>|

<xfered> is a decimal number of bytes transferred so far.

RETR
IPS RETR|0|<xfered>|

<xfered> is a decimal number of bytes transferred so far.

RETR
IPS RETR|1|<filesize>|<filedate>|

<filesize> is a decimal number of bytes describing the size of the file.
<filedate> is the date of the file in the same format as MDTM returns.

STOR
IPS STOR|0|<xfered>|

<xfered> is a decimal number of bytes transferred so far.



1.1.2 POP service features



1.1.3 SMTP service features



1.1.4 TELNET service features



2 System configuration

This document will guide you through the information needed to configure your IPS server.


2.1 Directory structure

The IPS distribution .ZIP is packed with a first level directory of ips\ (for OS/2 or Windows NT version) and each new version can safely be extracted over the old one since all configuration, script and message example files are packed within the doc\ sub-directory. You should however check your setup against the one provided under doc\ before restarting your server with the new version.

The directory ips\ is called the IPS-root and has the following sub-directory structure:


Path

Description

.\

IPS root directory, the directory name below this level is ips2\ for the OS/2 version, and ips32\ for the Windows NT version.

.\file_id.diz

Archive information file.

.\setupos2.cmd
.\setupw32.bat

Rexx script (OS/2) or batch file (Windows) used for first-time setup or to recreate program folder and icons.

.\startips.bat
.\startips.cmd

Rexx script (OS/2) or batch file (Windows) used to start the IPS server from the command line.

.\bin\

IPS executables.

.\bin\history.*

Rexx script or batch file called by \startips.cmd to archive old log files. This file is automatically created by IPS.

.\bin\ips*.exe

Main IPS executable currently in use. File name is ips2.exe for the OS/2 version and ips32.exe for the Windows NT version.

.\bin\ips*old.exe

Backup copy of last file replaced by the update.cmd script.

.\bin\ips*upd.exe

New copy to be used on next server restart.

.\bin\pwd2.exe
.\bin\pwd32.exe

Program to generate encrypted passwords.

.\bin\chgrp.exe
.\bin\chmod.exe
.\bin\chown.exe
.\bin\ls.exe

Ports of UNIX based GNU utilities modified to work with the IPS access system. Only supported by OS/2 version of IPS.

.\bin\ico\

IPS icon files.

.\cfg\
.\cfg\main\
.\cfg\main\users\
.\cfg\main\stats\

InetPowerServer configuration. You may add multiple site personalities with multiple "main" directory trees.

.\doc\

InetPowerServer documentation, this directory includes several sub-directories with the default configuration example.

.\log\

Directory where your log files are written.

.\msg\

Directory where your multiple-line response files are placed.

.\que\mail\

Default queue directory for SMTP mail.

.\scr\

Directory for your RexxHook scripts. Currently only supported by OS/2 version.



2.2 Configuration files

All IPS configuration files are AscII based text files divided into sections, each section has a number of parameters. An example file could look like this:

[SECTION1]
Param1: Test
Param2: 321

[SECTION2]
Param2: Some value
Param1: This good

2.2.1 Group configuration file

\cfg\ips.cfg

This is the main IPS configuration file. This file just has to exist.


\cfg\[cfggrp]\[cfggrp].cfg

For each sub-directory IPS find below \cfg\ it assume that it include another configuration group. A configuration group is a method of defining multiple different users/groups setups for sites with multiple-home setup. Each of these sub-directories must have a group configuration file with the same name as the directory and an extension of .cfg.

Group configuration files are made up by one [GLOBAL], one [ACCESS], one [SERVICES] and one or more service specific sections.

[GLOBAL] section example:
[GLOBAL]
SiteDescription: Example IPS powered site
SiteAdminUser: Admin
SiteAdminMail: Admin@site.com
UserDirectory: .\cfg\main\users
StatDirectory: .\cfg\main\stats
HomeDirectoryRoot: \e\home
GroupsDefined: users
ServiceSections: TELNET FTP SMTP POP3

[GLOBAL] section parameters:

Parameter

Description

Default

SiteDescription

Informational text describing your site.

none

SiteAdminUser

UserID for the main administrative user. Also known as root on UNIX systems.

none

SiteAdminMail

E-mail address for the main administrative user.

none

UserDirectory

Directory for the user files, relative to IPS-root or absolute. OS format.

none

StatDirectory

Directory for the stat files, relative to IPS-root or absolute. OS format.

none

HomeDirectoryRoot

Root directory for the users home directories. UNIX format.

none

GroupsDefined

A list of defined user groups.

none

ServiceSections

A list of service sections defined in this file

none



[ACCESS] section example:
[ACCESS]
e:\pub\incoming\*;admin;users;777;011
e:\pub\*;admin;users;755;000
e:\;admin;users;111;000
;admin;users;711;000
*;admin;users;700;000


In the [ACCESS] section you list accesses defined for you files systems. Access masks are OS style path masks. This may include * and ? wild-chars anywhere in the path. You should note that the first matching mask is used.

This format is also used for the [ACCESS] section in the user files.

[ACCESS] section parameters:

Parameter

Description

Example value

PathMask

Mask which must match to make this access line active

e:\pub\incoming\*

Owner

UserID of the user given the owner rights of this access line. Also known as the owner of the items.

admin

Group

GroupID of whose members are give the group rights of this access line.

users

UnixAccess

UNIX style access numbers. This number consist of three digits one for each of the owner, group and other settings; meaning that the user Owner is given the access of the first digit, users which are members of the Group are giving the access of the second digit, and all other users are given the access of the third and last digit.

Each digit are made added together from these accesses:

1=Execute (or list) access
2=Write access
4=Read access.

773

ExtendedAccess

Special IPS additions to the standard UNIX accesses. Works the same way as above with one digit for owner, group and other.

Available extended accesses include:

1=Limit delete.

001



Parameters common for all service-sections example:
[service-section]
Protocol:
Address:
Port:
Host:
LogFile:
LogFlag:
DebugFlag:



Parameters common for all service-sections:

Parameter

Description

Default

Host

Host name this service should identify itself as.

None

Protocol

What protocol should this services run. Possible choices are:

telnetd for shell login
ftpd for File Transfer Protocol (rfc959)
smtpd for Simple Mail Transfer Protocol (rfc821)
pop3d for Post Office Protocol - Version 3 (rfc1939)

None

Address

Optional parameter used to select which IP address the service should listen on for multiple homed setup on a machine with multiple IP addresses. The address should be specified in as four decimal numbers separated with only a dot.

Any IP address

Port

Optional parameter used to run services on non-standard ports. Please keep in mind that many fire-walls could block users for accessing services on non-standard ports.

Protocol dependent:

ftpd 21
telnetd 23
smtpd 25
pop3d 110
Timeout

Time in seconds the connection can be inactive before it is closed.

None

LogFile

Name of file to log all activity on this service. This file should always have the default extension of .log.

None

LogFlag

Level of logging to perform. These levels are Protocol dependent. You should set the level for those log entries you don't want.

FTPd:

1=PASS, USER
2=APPE, DELE, RETR, RNFR, RNTO, STOR
4=CDUP, CWD, LIST, NLST, XCUP, XCWD
8=MKD, RMD, XMKD, XRMD
16=MDTM, SIZE, TYPE
32=PORT, REST
64=PWD, SITE, SYST, XPWD

ABOR, FEAT, HELP, MODE, NOOP, PASV, QUIT, REIN, STAT,

SMTPd:

1=HELO
2=MAIL, RCPT
4=DATA
8=RSET

POP3d:

1=PASS, USER
2=DELE, RETR
4=LIST, STAT
8=RSET

QUIT

None

DebugFlag

Level of debug logging to perform. This is added together from these levels;

1=Incoming commands
2=Outgoing command replies
4=Long commands or replies
8=Trace internals

Level 8 should only be used if requested by support personnel.

None

ClientAddress

List of IP or Host masks to allow or deny access. First matching mask will be used.

One example:
"127.* !*" Will allow access from all IP's starting with 127. and deny all others.

none



FTP services

Parameter

Description

Default

RootDirectory

Basic root directory of FTPd. UNIX format.

None

MaxUserBandwidth

Maximum retrieve bandwidth for each normal user session.

None

MaxAnonBandwidth

Maximum retrieve bandwidth for each guest session.

None

TimeoutMax

Maximum time-out allowed by SITE IDLE command.

None

WelcomeFile

Path of initial welcome files. OS format.

None

HideIfNoAccess

Hide files and directories which the user has no access to from directory listings.

None

MinFreeSpace

Do not allow uploads on disks with less than xx MB free space.

none

DisableEA

Disable EA access system. (1=disable)

0

DisableDircount

Disable display of subdirectory count. (1=disable)

0

rxOnConnect

Path of RexxHook called when a new user connects. Script should return 0 if connection are ok, or a response if not.

None

rxOnCommand

Path of RexxHook called when each command is received before it is executed. Script should return 0 or a changed command line.

None

rxOnPass

Path of RexxHook called when the password for a guest session is received. Script should return 0 if ok, or a response to reject the log-in.

None

rxOnRetr

Path of RexxHook called before a file is sent to the user. Script should return 0 if the transfer are to proceed, and a response if it is rejected.

None

RxOnSite

Path of RexxHook called before executing internal SITE commands, this script could return 0 to allow internal execution of the command or it could reject it by returning a response.

none

rxOnStor

Path of RexxHook called before a file is received from the user. Script should return 0 if the transfer are to proceed, and a response if it is rejected.

None

rxOnUser

Path of RexxHook called after a user name is received and a user file found. Script should return 0 if log-in are ok, a response to reject.

None

POP3 services

Parameter

Description

Default

rxOnCommand


none

rxOnConnect


none

rxOnUser


none



SMTP services

Parameter

Description

Default

ForwardAddress

Like ClientAddress, but control the host allowed to forward message through this server.

none

QueueDirectory

Directory messages are queued in.

none

LocalDomains

List of domains which are handled by this server.

none

rxOnCommand


none

rxOnConnect


none



TELNET services:

Parameter

Description

Default


			





2.2.2 Language configuration files

In the .\cfg\ directory the various language files are stored, these files comes standard with IPS and contains all the responses sent to a user/client during a session. The files are named ips<protocol>. File may optionally have a language identifier as an extension.

The files are similar, but have some differences between protocols.

.\cfg\ipsftp

This file has one section for each FTP command, and values for all responses to be given. The ident of the values are the FTP response number and one additional character. Lowercase characters specifies a direct response, and upper case characters specifies a file path for a multi-line response. The files in the .\msg\ directory are specified in the standard supplied ipsftp file. This file may change between releases without further notice. (Maybe a diff is smart on every upgrade).

System variables and FIBs may be used in responses. FTP clients may change session language by issuing a SITE LANG command which will load another ipsftp file.

.\cfg\ipspop3

Since POP3 is mainly used by automatic programs I see no need to document this.

.\cfg\ipssmtp

Since SMTP is mainly used by automatic programs I see no need to document this.



2.3 User files

Users are defined using a one file pr. user account approach. User files are by default placed in .\cfg\*\users\[userid]. The * is the site personality (default distribution only comes with one personality named main).

Default users are admin, ftp, anonymous and user. They are in their different files .\cfg\main\users\admin, .\cfg\main\users\ftp, .\cfg\main\users\anonymous and .\cfg\main\users\user.

Passwords for the default users are adminpassword for the admin one and password for the user one. ftp and anonymous are both anonymous users which take an e-mail address as password.

Parameters for user files [USER] section:

Parameter

Description

Default

Username

This is the name of the user which must match the file name if the user account should work. Since file names in OS/2 and NT is not case sensitive this is where the correct case is important.

none

Password

Users password encrypted with the .\bin\pwd2 or .\bin\pwd32 utility. When making a new user you can add a - in front of a non encrypted password and it will be encrypted on the first login.

none

Anonymous

Set to 1 if this is an anonymous user account, else set to 0.

none

Administrator

Set to 1 if this is an administrative user accounts, else set to 0.

none

RootDirectory

If this user should have another virtual root then set this. The virtual root for the users is the RootDirectory setting in the FTP section + the setting here.

none

LoginDirectory

If you want to direct a user to a specified directory at login, please set this here, this is relative to the virtual root for the user.

none

ChangePassword

Set to 1 if this account can change its password, else set to 0

none

MaxBandwidth

Maximum retrieve bandwidth for each normal user session.

0

ClientAddress

User address allow/deny filter.

*

MemberOfGroups

List of the groups this user is a member of

none



User files [ACCESS] section:

User files also has an access section. This section is read before the same section in the main.cfg file. Format is the same as in main.cfg.

User files [STAT] section:

This section is a read only section which contain some of the statistics from the stat files in the stats directory. The entries here are read only and just put here for easy reading by addon applications.



2.4 RexxHooks



2.5 System Variables

IPS has a lot of variables available for getting more information from a running server. These variables can be used in system texts, response files and RexxHook-scripts. To identify a variable you have to insert the variable name within two percent signs in your text.

So, to insert the make a string with the current IPS version you could make something like this:

"This site is running InetPowerServer/2 %(vers)"

2.5.1 System wide FIB procedures

cfg(file,section,ident)
fill(text,size[,pad])

2.5.2 System wide read-only variables

Variable

Description

ctid

Client TID.

date

Current date.

time

Current time.

uptime

Server uptime string.

vers

IPS version.

vers.compile

IPS version, compilation date/time.

configfile

Path of service configuration file.

configsection

Section in service configuration file.

connectduration

Duration of current session (seconds).

connecttime

Starttime of session (seconds since 1980).

debugflag

Debugflag from the group configuration file.

idle

Current time idle.

logfile

LogFile from the group configuration file.

logflag

LogFlag from the group configuration file.

remotehost

Client host name.

remoteip

Client IP address.

sock

Main socket of current session.

sock.next

Main socket of next session.

sock.prev

Main socket of previous session.

timeout

Idle time-out value of current session.


2.5.3 FTP session read-only variables


Variable

Description

curdir
Directory of current session.
curdisk
Root and current directory of current session in OS format.
curpath
Full path of current/last file/directory action.
curroot
Root directory of current session.
password
Password typed by Anonymous user.
recv
Files received from user this session.
recvkb
KBytes received from user this session.
sent
Files sent to user this session.
sentkb
KBytes sent to user this session.
status
Status of session.
timeoutmax
TimeoutMax from the group configuration file.
type
Transfer type setting of current session.
usr.admin
Administrative user.
usr.anon
Anonymous user.
usr.recv
Files received from user.
usr.recvkb
KBytes received from user.
usr.sent
Files sent to user.
usr.sentkb
KBytes sent to user.
usr.username
Name of user in current session.

2.5.4 SMTP session read-only variables

2.5.5 POP3 session read-only variables


Variable

Description

status
Status of session.
usr.username
Name of user in current session. 

3 Last minute changes

Please view the readme.txt file for last minute changes.

4 Development history

Please view the history.html file for development history.

5 Support/Contact Information

5.1 Mailing list

A mailing list has be setup for IPS support, this is the most correct "place" to get IPS support, I will most likely not reply to direct e-mail about IPS.

You can subscribe to this list by sending an e-mail message list this:

To: mlister@iq.to
Subject:

subscribe ips



After you have subscribed to this list you post message by sending them like this:

To: ips@iq.to
Subject: Write your subject here

Write your message body here.



If you no longer like to be on the list, you can un-subscribe be sending a message like this:

To: mlister@iq.to
Subject:

unsubscribe ips



5.2 Internet Relay Chat (IRC)

A channel on IRC exist with the name #IPS, this channel is supported on EFnet only. In #IPS you will be able to get real-time help from me or other users which may be in the channel at the same time as you. If you don't know what IRC is you should get a IRC client and try. The best OS/2 based IRC client IMHO is OpenChat/2.

5.3 FTP site

The ftp site ftp://ftp.iq.to will always contain the latest version of IPS as well as fixes and other files related to IPS. If you write a good RexxHook you would like to share with others, you could also upload this here.

5.4 Author directly

If you for any reason feel that you need to contact me directly you can do that at terje.flaaronning@eunet.no. I will not reply to normal support messages outside the mailing list.

6 Credits

Credits are given in alphabetical order: