home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
OS/2 Shareware BBS: 35 Internet
/
35-Internet.zip
/
my2_1b.zip
/
READMEv1.ENG
< prev
next >
Wrap
Text File
|
1998-04-16
|
44KB
|
1,069 lines
========= version 1.0b
--- === My/2 === ---
=========
Copyright (C) 1997,1998 Alexnadr Ivanov
This is Electronical Translator version!
Contents list
0. Agreement
1. Introduction
2. Requirements
3. Description My/2
4. Description of a configuration file
5. Contents of a package
6. Examples of use ( Structures of a network )
7. Messages on errors
8. Interface
8.1 Description of a main window
8.1.1 To reset the user from a modem
8.1.2 To close a entrance to the user
8.1.3 To delete the user
8.1.4 Refresh a main window
8.1.5 Sorting
8.1.6 Write the letter to the user
8.2 Description of window UserDetail/OtherDetail
8.2.1 Sorting
8.2.2 Filtering
8.3 Description of a configuration window
9. LOG-files
9.1 LOG-files of a general traffic of the user
9.2 LOG-files of a user IP-traffic structure
9.3 Main LOG-file of the program
10. Errors
11. Inconveniences
12. Thanks
13. Restrictions of the DEMO-version
14. Understanding of the Virtual user
15. The remote users
15.1 Return Codes from server
15.2 Example of session
0. Agreement
DEMO version of the program can be freely distributed without any changes
and without any fee.
DEMO version detection:
At program start, DEMO version show a window, that says about limitation
DEMO version. At main menu Help/About DEMO version show (DEMO) followed by
version number.
If You have NOT A DEMO VERSION, You may NOT distribute it without agreement
with the author.
1. Introduction
The program My/2 is intended for the tax and visual representation of
statistics on a traffic for:
1. IP-interfaces
2. The users
3. COM-port
4. Structures of IP traffic
!!! --- ATTENTION ---!!!
At inclusion of function of a IP-analyzer, remember, that:
1. You will see all structure of a traffic of the users.
Probably, it infringes some Freedom of the users.
2. If any user in your local network will install the given
program with included function of a IP-analyzer, actually,
he can see WHOLE traffic on your network.
( Many depends on a structure of a network
See 6. Examples of use ( Structure of a network ) ).
My / 2 is useful for HostMasters, whose hosts cost under OS / 2. But it
the usual Internet user can also use at ANY type of connection with
provider.
2. Requirement
1. OS/2 ( was tested on WarpConnect, WarpServer Advanced, Merlin )
2. Installed TCP/IP ( Tested with versions 3.0, 3.1, 4.0 )
WARNING !!!
My/2 and IPSpy NOT WORK with TCP/IP 4.1 stack ! So,
TCP/IP 4.1 is VERY DIFFERENT from 3.0, 3.1, 4.0.
I have search, but NOT FOUND documentation for TCP/IP 4.1
(such Programming Guide or something like that :( ).
3. Presentation Manager
4. HPFS
5. Installed IPSpy
6. Pentium and 24 & above Mb RAM recommended
3. Description My/2
My/2 permits to assemble statistics on the users and interfaces.
Statistics is going in files. On each user file is conducted.
Also files are conducted on ALL COM-ports and network interfaces.
The files of statistics contain textual lines, that permits to make the
analysis of statistics by any software StarOffice, C, Pascal
( I personally love REXX ).
My/2 conducts the report on:
1. General traffic of the users and interfaces
2. Structured traffic of the users
3. Detailed information on the current users
4. Description of a configuration file
The configuration file IS OBLIGED to be in ETC ñ¿αÑ¬Γ«α¿¿ and to have
the name my.cfg. Some parameters can be to set. Significance of parameters
the on - default is everywhere indicated.
If you want to insert the comment, it should be on a separate line and the
line should begin with ";".
Generalized description of parameters:
THE KEY param1 param2... paramN
In a configuration file following parameters are used:
DEBUG_LEVEL TINY
Can accept one of the following significances:
NONE - There are no diagnostic messages
TINY - Minimum of diagnostic messages
SMALL - ...
MEDIUM -...
LARGE - ...
HUGE - Maximum of the diagnostic messages.
It concerns ONLY to a LOG-file.
Default: TINY
STAT_TIMEOUT 60 ( in MIN ) up to 10 mines is approximated.
In the SMALLER party
In this example - hour. If to deliver 63 or 67, all the same there
will be a hour, and if for example 70, I will be a hour and ten
minutes. This time COMPULSORY save of statistics. If for example,
the user in a hour was not disconnected, all the same will take place
save of statistics on him in appropriate files.
Statistics is dumped or on a exit of the user, or on
timeout of a time, determined in variable STAT_TIMEOUT. And
further readout new timeout begins. etc.
Default: 60
STAT_PATH D:\TEMP\MY ( only directory WITHOUT "\" at end )
In this directory statistics on the users is dumped. Files
with masks will be formed: "comN.MMYYYY" and "login.MMYYYY".
Accordingly statistics on the users and on COM-ports and network
Interfaces is conducted.
The network interfaces have the name LANN - where last N this number
of a network card to the on - order. And login CARDN - where last N
this number of a network card to the on - order. In statistics there
is a date and time of beginnings of the tax, end of the tax,
byte it is accepted, byte is transferred. And it is a lot of
that more. ( see item 9.1 ) Also in this directory LOG-files on
a structure of a IP-traffic of the users ( see item 9.2 ) are written.
Default: IS NOT PRESENT
INACTIVE_TIME 7
is used for switching-off of the user till him
inactive over a specified interval of a time in minutes.
So, if the user connected, but from his /and/or/ to him
does not go a IP-traffic, switching-off of the user will take place,
as though you have pressed a button "Disconnect selected user".
The user will not be disconnected in case if:
1. This leased line. (see item 8.1)
2. If its COM-port is protected (see. TIMEOUT_PROTECTED_COM)
2. If it LOGIN is protected (see. TIMEOUT_PROTECTED_USER)
If variable INACTIVE_TIME is equal 0, the users will not be
disconnected on timeout.
To on - default: 7
TIMEOUT_PROTECTED_COM com2 com7 com12
is used to protect COM-port from
disconnect the user, which is on it on timeout (see. INACTIVE_TIME).
Can be listed up to 10 COM-port separated by SPACE.
To on - default: IS NOT PRESENT
TIMEOUT_PROTECTED_USER alex john crazy
is used to protect the users from
disconnect on timeout, COM-port, on which it has gone has not
significance (see. INACTIVE_TIME).
Up to 10 names can be listed separated by SPACE.
To on - default: IS NOT PRESENT
MAIL 194.84.32.67 sura.com.ru
As first parameter it is underlined mail server, through which mail on
the users (see item 8.1.6) will depart can here given as
IP-address, as DNS-name. For example:
MAIL penza.sura.com.ru sura.com.ru
MAIL 194.84.32.67 sura.com.ru
Second parameter is a domain to on - default, which will be added
at the end of the mail addresses FROM and TO at dispatch of the
letters (see item 8.1.6).
Second parameter is not certain. But if it to specify, he
will be added to the end of each mail name, IF COMPLETE MAIL ADDRESS
IS NOT SPECIFIED.
To on - default: IS NOT PRESENT
ERRORTO MAIL alex@sura.com.ru
This parameter is necessary for redirect the messages on
errors from a screen on EMAIL or on the contrary. If costs MAIL,
EMAIL-address should be further follow. If SCREEN, second
parameter is ignored.
ATTENTION!!!
In given version ERRORTO is not used. And is always equal SCREEN,
though and it is permitted it to change.
To on - default: SCREEN
REFRESH_INTERVAL 3 ( in SEC ) About it a little separately.
It is used for determination, through how many seconds to interrogate
interfaces.
The speed is in this case also considered for this time. And is always
displayed in Byte/sec units. So, than more to deliver this
number, especially speed you receive. It is necessary also
to take into account, that at large significance given variable
exits and entrances users will with large later be found out.
Its significance also influences a time in LOG-files.
Default: 3
COMUSER_PATH D:\UUCP\PPP\CURRENT ( only directory WITHOUT "\"
at end ) This variable is used for link the user and Com-port.
If the program ßould not determine the user, in the column
Login she removes Noone. If ßould not find Com-port, in the column
Com port she removes NoPort. And, certainly, if she ßould not
determine the user, in the column Real name she removes Uncataloged User.
This KEY variable.
Sense that at pass of the user, when establishing PPP on it, it
is necessary that someone formed in this directory a file with the
following mask "comN.Login". If for example the user with login
andy on 6 com-ports has gone, in this directory there should occur a
file " com6. Andy ".
It is done is very simple: in shell at PPP-user writing
not PPP.EXE, and for example PPP.CMD which before establishing present
PPP, determines the user and COM-port and creates in
directory, which is determined in COMUSER_PATH a file
as describe above principle. A CMD-file for a example I enclose. He
refers to as PPP.CMD. In him the current user is recorded in
d:\uucp\ppp\CURRENT. Here for a example a part my passwd:
...
Pelsi: qwerty:::elsi:/UUCP/PPP:ppp.cmd $host $port
Padi: QwErTy:::adi:/UUCP/PPP:ppp.cmd $host $port
Psba: 1sdr45:::sba:/UUCP/PPP:ppp.cmd $host $port
Pstone:qwertyh::: stone:/UUCP/PPP:ppp.cmd $host $port
...
The time on the start PPP.CMD is spent minimal, and flexibility -
HUGE.
Default: D:\MPTN\ETC
PASSWD_PATH D:\UUCP\CONFHOST\passwd ( full path and filename to
passwd ) the Program uses passwd file, ONLY to determine a
real name of the user. If the given user in a file is not present,
whether or not file, My/2 in the field RealName basically window
removes Uncataloged User.
MAIN_INTERFACE lan0
This interface, from which IP-packages will be catched. For display and
record a structure of IP-traffic. This parameter makes sense at
established variable IP_ANALIZE. And at availability
installed IPSpy for catch a packages.
!!! ATTENTION!!!
Closely read the documentation to IPSpy!
Dfault: lan0
IP_ANALIZE DIRECT,BROADCAST Can accept one of the following
significances:
NONE - Not to analyze a IP-traffic.
DIRECT - To analyze ONLY packages, which are directed to
this machine.
BROADCAST - To analyze ONLY broadcast-packages.
TRANSIT - To analyze packages to other computers.
Possible combinations are further indicated:
DIRECT,BROADCAST | DIRECT,TRANSIT | BROADCAST,TRANSIT |
DIRECT,BROADCAST,TRANSIT .
Default: DIRECT,BROADCAST
WARNING !!! No SPACES between "," and a chars.
SRC_IPMASK *. *. *. * Possible significances:
0,1,2,3,4,5,6,7,8,9,., * will form a mask of IP-address for the fields
From ( see item 8.2.2 for the more detailed description of masks )
Default: *. *. *. *
DST_IPMASK *. *. *. * see. SRC_IPMASK
Default: *. *. *. *
MAINW_REFRESH 10 ( It means through 10 REFRESH_INTERVALs redraw )
Through which time redraw a main Container automatically.
Is measured in REFRESH_INTERVAL intervals.
In My/2 is used as REFRESH_INTERVAL * MAINW_REFRESH
Default: 10
LOCAL_IP ON
Parameter speaks My/2 about a volume, which IP address to use for
the analysis of a structure of a IP-traffic, remote or local.
Usually for provider is remote. For the users - local.
If you put My/2 on a machine, ON which users connect to,
LOCAL_IP OFF, if you call to provider, ON.
Default: OFF
CLOSE_USER_PGM VISIBLE MAXIMIZE BACKGROUND 10 " D:\WORK_PRG\OBJ\My\ccc.cmd %s -close_ppp "
First parameter VISIBLE or INVISIBLE
Second parameter MINIMIZE or MAXIMIZE
Third parameter FOREGROUND or BACKGROUND
Fourth parameter 1-60 sec . Timeout. After this timeout My/2 will be try to
close this program session.
5 parameter a Name of the started program and her parameters In
COMMAS! This key describes the program, which will be started if you
ask to close the user ( see item 8.1.2)
!!! ATTENTION!!!
Name of the program and her parameters SHOULD be in commas ( " ).
There, where costs %s, command line from four parameters is there
substituted:
1 Login ( for example alex )
2 ComPort ( for example com2 )
3 Interface name ( for example ppp3 )
4 IP address for the given user (for example 194.11.12.13)
If the IP-address was not yet determined, 0.0.0.0. Programs can be ANY
type PM or VIO. Perfectly works and REXX. I think, that will go and
DOS-session, but I did not try.
Dfault: IS NOT PRESENT
DELETE_USER_PGM INVISIBLE MINIMIZE FOREGROUND 20 " D:\WORK_PRG\OBJ\My\ccc.cmd %s -close_ppp "
Similarly CLOSE_USER_PGM ( see. CLOSE_USER_PGM and item 8.1.3)
Default: IS NOT PRESENT
VIRTUAL_USER alexV Alexandr_A._Ivanov 194.84.32.71
VIRTUAL_USER IBM WWW_IBM_COM www.ibm.com
...
VIRTUAL_USER Microsoft MICROSOST-WIN95 www.windows95.com
This parameter sets the virtual users. Them can be up to 10 ( see item 14)
In the quality IP of address it is possible to set as IP - address, as
DNS-name.
Remember, that Real_Name should contain "_" instead of " ", if you
record the virtual user. If create it(him) from a window of a
configuration, about it it is not necessary cares.
To on - default: IS NOT PRESENT
RUN_SERVER <ON|OFF> <PORT> Permits My/2 to work as server, accepting by
the inquiries of the IP-customers.
From version 0.99 My/2 supports the remote customers on TCP/IP.
So you can from any point of the world go on My/2 server
and to receive the certain information or to execute any
action. Actions are those, that you can execute local on My/2.
See item 15 ( Remote users ).
To on - default: ON 7777
MAX_CLIENTS 2 1-10
Maximum quantity of the simultaneously attended IP-customers.
See item 15 ( Remote users ).
To on - default: 2
CLIENT_REFRESH 3 1-10 ( sec. ) Parameter characterizes
a time through which to interrogate flows on the IP-customers on a
subject inactive or die. See item 15 ( Remote users ).
To on - default: 5
CLIENT_TIMEOUT 30 1-60 ( sec. ) Parameter characterizes
through which inactive time under duress to disconnect the
customer from server. See item 15 ( Remote users ).
To on - default: 30
CLIENT_DEBUG_LEVEL TINY <NONE|TINY|SMALL|MEDIUM|LAGRE|HUGE>
A level of management LOG of a file on the remote customers.
In version 0.99 is not used.
To on - default: TINY
REMOTE_USER alex varkuta 001002003004005006007
...
REMOTE_USER gonza jabberwock 001004005006007
Format of record: REMOTE_USER <LOGIN> <PASSWORD> <RIGHTS>. With
the help login and password the user identify self.
About the rights:
The rights represent commands, which the remote user can
execute and, actually, are a consecutive set of three-value figures.
Æ«ÑßΓ∞: 001003006007
\_/\_/\_/\_/
Each figure represents a command. Are further listed
accessible in version 0.99 of a command:
000 Empty command (NOP)
001 Requests the current users and their characteristic. Actually,
contents of a main screen.
002 To disconnect the chosen user. Is aplicable only to 2 types of
the users dialup and leased. See item 8.1.1
003 To close access to the user. See item 8.1.2
004 To delete the user See item 8.1.3
005 To request the information on IP to a traffic of the chosen
user See item 8.2 Data go in the same order.
006 To request the information on other IP to a traffic See
item 8.2 Data go in the same order.
007 To request a configuration
300 Exit
301 Authorization
In addition see item 15
5. Contents of a package
1. My2. Exe
2. mypm.dll, mynv.dll, mynet.dll
3. Example of a configuration file
4. The example PPP.CMD
5. Given description ( readme.rus, readme.eng )
6. Examples of use ( Structure of a network )
My/2 it is possible to use on different purposes. It is possible to analyze
a traffic in - outside of and inside in different combinations and
configurations. For example:
(1)
Is optimum, as to me the following circuit seems,:
Comp with My/2 ┌───── IP router
┌─────┐ ┌─────┐ ┌─────┐ │ (For example Vanguard)
│ │ │ │ │ │ \/
└─────┘ └─────┘ └─────┘ ┌──────┐
┌───────┐── ...───┌───────┐───┌───────┐────│ │──> Internet
└───────┘ └───────┘ └─┬─┬─┬─┘ └──────┘
Local Area Network ┌──┘ │ └─────────┐
modem1 modem2 ... modemN
MODEM ENTRANCES
Whole TRAFFIC and from a local network and from modem entrances
will be in this case analyzed. In IP_ANALIZE it is necessary only set
a name of a network card.
(2)
It is possible to use and other. For example with two network cards:
Comp with My/2
┌─────┐ ┌─────┐ ┌─────┐
│ │ │ │ │ │ lan1
└─────┘ └─────┘ └─────┘ (For example EiconCard)
┌───────┐── ...───┌───────┐───┌───────┐────────────────────> Internet
└───────┘ └───────┘ └─┬─┬─┬─┘
LOCAL AREA NETWORK ┌──┘ │ └─────────┐
lan0 modem modem2 ... modemN
MODEM ENTRANCES
In this case, to analyze a traffic in - outside of, you will need
to be delivered in IP_ANALIZE lan1. In this case you lose a opportunity
to analyze a structure ONLY IP-traffic from modem entrances to you
in a Local area network.
7. Message on errors
1. Variable XXXXXXX defined, but has no arguments. Useing default value.
Configuration variable from file means that any varible is determined,
but does not contain arguments. Will be used her parameters of dfault
( see item 4 )
2. OTHER traffic array is overheat. Counting current users only and OLD hosts.
Array on another's ( concerning our computer of address ) means is
overflowed New directions will not be added. Will be supplemented only old.
4. User XXXX traffic array is overheat. Since all NEW HOST traffic will be
added to UNKNOWN.
Array of directions on the given user means is overflowed New directions
will not be added. Will be supplemented only old.
And new will go in OTHER.
5. There is a number of the messages, where is spoken: "... IP analizing
function is DISABLED ".
It means, that you have requested to analyze a IP-traffic, but at you is
not correctly installed IPSpy if at all is installed.
The other messages not so are significant or simple for understanding.
8. Interface
The interface is simple. One main window.
8.1 Description of a main window
Main window of the program visually displays:
0. User type (icon)
1. Physical name of a interface
2. TCP/IP a name of a interface
3. Maximum speed of a interface
4. IP address ( if LAN, own, if PPP or SLIP - remote or local [see item 4])
5. Login of the user
6. Date and time of a entrance
7. Byte it is accepted
8. Byte is transferred
9. Current speed on a input
10. Current speed on a output
11. Present name of the user
Now user types may be next:
1. Lan interface (CARD...)
2. Leased line (USERNAME...) - Uppercase
3. Dialup entry (username...) - Lowercase
So, if in COMUSER_PATH (see. item 4) Login of user defined in UPPERCASE,
than My/2 think, that it's a LEASED line, if in lowercase, then Dialup user.
In all this case apropriate icon are included.
About errors and various information she gives in right status line.
Left-hand is used for the contextual help on buttons.
If occur which or global errors, My/2 removes modal window with the
button OK. After it terminates work. Also the windows of such type are removed
at the serious warnings.
It is possible to make various manipulations with the users:
1. To reset from a modem ( see 8.1.1 )
2. To close an entrance in a system ( see 8.1.2 )
3. To delete the user ( see 8.1.3 )
!!! --- ATTENTION ---!!!
All these manipulations can be made ONLY with the modem users.
8.1.1 To reset the user from a modem to
Reset the user from a modem it is necessary to choose item of the menu:
Users/Manipulation/Disconnect or to choose the button Disconnect selected
user.
Thus look after, that the cursor was on the necessary user.
The modem is extinguished with the help DTR.
8.1.2 To close a entrance to the user
To close a entrance to the user it is necessary to choose item of the menu:
Users/Manipulation/Close or to choose the button Close selected user.
Thus look after, that the cursor was on the necessary user.
The closing of the user works, if in a configuration is determined variable
CLOSE_USERPGM ( see 4 ). At closing of the user is automatically caused
Disconnect ( see 8.1.1). On work of the program on closing user is allocated
10 ᥪ. ( While. Further I do this parameter variable ), through this time
a compulsory stop and Terminate of this program will be executed. With all
following consequences ;)
8.1.3 To delete the user
To delete the user it is necessary to choose item of the menu:
Users/Manipulation/Delete or to choose the button Delete selected user.
Thus look after, that the cursor was on the necessary user.
The closing of the user works, if in a configuration is determined variable
DELETE_USERPGM ( see 4 ). At removal of the user is automatically
caused Disconnect ( see 8.1.1 ). On work of the program on removal of
the user is allocated 10 ᥪ. ( While. Further I do this parameter variable ),
through this time a compulsory stop and Terminate of this program will be
executed. With all following consequences ;)
8.1.4 Refresh a main window
That refresh the information basically a window, Choose item of menu
View/Refresh. Refreshing occurs automatically through a
interval = REFRESH_INTERVAL * MAINW_REFRESH.
( See 4 ). Also it occurs at change as sorting ( see » 8.1.5 ) and at
detection new or disconnect of the old user.
8.1.5 The sorting
The Program permits to sort the current users for different attributes:
1. Login
2. Interface
3. Traffic general
4. Traffic entering
5. Traffic outgoing
6. Time on-line
It is for this purpose necessary to choose item of menu Users/Sort by >...
Or necessary button of toolbar. Default is exhibited Sort by name.
8.1.6 Write the letter to the user
This item becomes accessible, if is determined mail server (see item 4(MAIL)).
If you want, that to addresses a domain was added behind, it needs to be
defined in parameter MAIL.
It is possible to write the letter to the chosen user. It is for this purpose
necessary to choose the user and to press "Mail to user" or from the menu
User/Manipulation/MailTo.
There will be a window of editing. It is there possible it and to write.
To send the letter on the button Send or menu: Mail/Send.
8.2 The description of window UserDetail/OtherDetail
The Window UserDetail actually represent the report at present about the
chosen user or interface. Above the windows are displayed:
1. Login
2. Real Name
3. IP-address
4. Name of a physical device, on which there is the given user
Further, in a container the detailed information on a structure of a
IP-traffic of the chosen user on following attributes goes:
1. IP-address of the sender ( From )
2. IP-address of the recepient ( To )
3. General traffic in this direction
4. General packets in this direction
From them:
5. WWW traffic
6. WWW packages
7. FTP traffic
8. FTP packages
9. SMTP traffic
10. SMTP packages
11. POP3 traffic
12. POP3 packages
13. TELNET traffic
14. TELNET packages
15. TCPBEUI traffic
16. TCPBEUI packages
17. ICMP traffic
18. ICMP packages
19. NEWS traffic
20. NEWS packages
21. DNS traffic
22. DNS packages
I have described the main Internet-protocols. For the analysis it quite enough.
Thus, it is possible to supervise ALL, that the user does.
Difference of window OtherDetail only that it displays ALL OTHER
IP-addresses, not relating to given computer. So whole transit traffic.
The window OtherDetail can be called only when in a file of configuration
IP_ANALIZE you have specified BROADCAST or TRANSIT. If is specified only
DIRECT, the opportunity to look a another's traffic will be switched - off.
If to establish IP_ANALIZE in DIRECT_BROADCAST_TRANSIT, you ßan look through
WHOLE IP-traffic in network, to look where users found and to be surprised,
to be surprised, to be surprised... ;)
ATTENTION!!!
Because of large volume of the information in this window, it not
refresh automatically.
For it refreshing there is the button Refresh.
8.2.1 Sorting
In the window UserDetail and OtheDetail it is possible to sort the information
on three criteria:
1. From IP-address
2. To IP-address
3. General traffic
Sometimes it so interesting ! ;)
8.2.2 Filtering
In the windows UserDetail/OtherDetail it is possible to set a mask for a
conclusion ONLY certain addresses ( From or To ) in a mask in quality filler
one mark - "*" is used only.
To me a heap of different symbols-filler does not appeal.
So examples:
Question: WHICH mask to set, to look a traffic only FROM addresses
194.84.32.67 ?
Answer: In the field From to write 194.84.32.67
Question: WHICH mask to set, to look a traffic only FROM addresses,
begin with 194?
Answer: In the field From to write 194. Or 194 or 194.*.*.*
Question: Which mask to set, to look a traffic only AT addresses, begin with
194 and that in the third number of address there was figure 3?
Answer: In the field To to write 194.*.*3*.*
Question: Which mask to set, to look a traffic only AT addresses, where the
address begins on 2 and that the fourth number of address began on 7?
Answer: In the field To to write 2*.*.*.7*
Question: Which mask to set, to look a traffic only AT addresses, where the
second number of address is finished on 5 and that in the fourth
number of address there was figure 3 and only From addresses, begin on
12 and in the second number of address the last two figures 67?
Answer: In the field To to write *.*5.*.*7* In the field From to
write 12*.*67 or 12*.*67.*.*
Well, there are enough examples. At last i say, that the filters influence
ONLY representation in container of the window UserDetail/OtherDetail. On
LOG-files, on that other it does not influence.
In a configuration a mask the on - default for all is described. But during
work for each user or interface the mask varies INDIVIDUALLY. After
disconnect of the user, the mask again becomes to default.
At shift of a mask, it is possible to press the button Apply or Ok. If to
press Ok, the mask will be stored for the given user and by the following call
UserDetail for it will be that, which you have established. If to press
Apply, the mask is simple will be applied, and at Refresh or subsequent call
UserDetail for the given user the previous significances will be restored.
8.3 Description of a configuration window
Configuration window is simple. Change the necessary parameters and, if
want, push "Save" button. New configurat will be saved and old will be
backed up to "*.*_BAK". New configuration will be activated when My/2 is
will be restarted.
If you consider complex for you to write a configuration file
manually, create empty file my.cfg in a necessary place ( see item 4 )
and start my/2. After choose item File/Configure My2 and from this window
establish all necessary parameters. Leave My/2. Start again. My/2
will be started with are those in parameters, which you have established.
9. The LOG-files
My/2 conducts LOG-files on following statistics:
1. General traffic
2. Structured IP-traffic
3. Message, error, warning of program is further described every kind.
9.1 LOG-files of a general traffic of the user
The given LOG-files have a following format :
1. Date and time of a entrance
2. Date and time of a exit
3. How many byte it is accepted
4. How many byte is transferred
5. Seconds on-line
6. Login of the user
7. Attribute
All this information is recorded in files with a following mask: comN.MMYYYY
and Login.MMYYYY, where MM - month, YYYY - year, N - number COM-port or network
card, and Login - login of the user. These two type of files cross referred the
friend on the friend. You can set a certain time COMPULSORY save of statistics.
For example through A HOUR. It is made that not to lose the important
information in case power-off or more any failure. The program determines a new
month and year, and creates appropriate files.
Attribute - 0, 1, 2 or 3
0 - Scheduled save of statistics
1 - Save of statistics on reset of a interface ( For
example the user is simple was disconnected[HANGUP])
2 - Save of statistics on a exit from the program ( For
example you have pressed EXIT or CLOSE[Alt + F4 ])
3 - Scheduled save has coincided a exit from the program.
9.2 LOG-files of a structure of a IP-traffic of
the user
File with structure of a IP-traffic user:
1. Date and time of a entrance
2. Date and time of a exit
3. IP-address of the sender ( From )
3. IP-address of the recepient ( To )
4. General traffic in this direction
5. General packets in this direction
From them:
6. WWW traffic
7. WWW packages
8. FTP traffic
9. FTP packages
10. SMTP traffic
11. SMTP packages
12. POP3 traffic
13. POP3 packages
14. TELNET traffic
15. TELNET packages
16. TCPBEUI traffic
17. TCPBEUI packages
18. ICMP traffic
19. ICMP packages
20. NEWS traffic
21. NEWS packages
22. DNS traffic
23. DNS packages
24. Attribute
All this information is recorded in files with a following mask:
Login.MMYYYY_IP.
Where MM - month, YYYY - year. This statistics is recorded by a increasing
result.
Description A attribute ( see item 9.1 )
This is the information can be looked at a current moment, having pressed the
button User detail ( for the particular user or interface ) or OtherDetail
for interfaces, not relating to given computer. ( see 8. [the Description
of window UserDetail/OtherDetail ] ).
9.3 The main LOG-file of the program
A main LOG-file of the program is created in CURRENT directory and has the name
my.log. His contents in many respects depends from variable DEBUG_LEVEL in a
configuration file. ( see 4 )
10. Errors
1. Not correctly works in the sanction 1024 x768 and higher.
11. Inconveniences
1. Operating time of the programs on closing and removal of the
users is not set up.
2. It is impossible to set a mask for a filter on the particular user.
3. It is impossible to set a type of analysis LOCAL_IP whether or not
on a particular interface.
4. Range of configuration parameters is not supervised. That bypass it,
see item 8.3.
5. Does not permit to be switched on TAB between elements of a window.
The control from a keyboard is very limited.
Is simple while the hands have not reached at me. ;)
6. Until works without IPSpy.DLL
12. Thanks
Thanks for Alexander Kitaev ( alx@sura.com.ru ) for the help at the creation
My/2.
Especially THANK to Anddy Zinoviev ( andy@sura.com.ru ) for the help
in the understanding PM and semaphores. ;)
Especial thanks to Steven Gutz, who wrote a book " TCP / IP programming for
OS/2 with Applications for Presentation Manager ".
Especial thank to Edgar Buerkle who make an IPSpy - an excellent driver!!!
(100566.557@compuserve.com)
13. Restriction of the DEMO-version
If at you the DEMO-version, exist following restrictions:
1. The quantity of IP-addresses for the analysis and LOG-file on
the particular user is limited up to 500. So if the user
worked more than with 10 addresses, only the first 500 addresses
will be displayed and only on them a LOG-file will be
conducted. Other will be ignored with the appropriate message
in a window ( see item 7 ).
2. The quantity of IP-addresses for the analysis and LOG-file on
transit and broadcastΓαáΣ¿¬ is limited up to 1000. So if the
users of your network worked more than with 1000 addresses, only
the first 50 addresses will be displayed and only on them
a LOG-file will be conducted. Other will be ignored with the
appropriate message in a window ( see item 7 ).
All other works completely.
14. Understanding of the Virtual user
Virtual user is the user ( IP-address ), which actually IS NOT PRESENT
on your computer. This user has Login, Real Name, IP-address. The given
kind the user is marked special icon. And has ALL properties, as well as
present user. So on his statistics AS WELL AS on the usual user is going
precisely such - @.
For example you create the virtual user with such parameters
( see item 4 VIRTUAL_USER ):
VIRTUAL_USER IBM WWW_IBM_COM www.ibm.com
After it on your computer there will be the virtual user with IP by the
address www.ibm.com - 204.146.18.33. On his statistics as well as on the
usual user will be going.
If you create virtual users with DNS-names in quality of
IP-address, My/2 executes resolv in IP-address. It can take away some time.
So, that at the start My/2, her window can will not at once occur. At
this time My/2 reads CONFIG and executes resolv DNS of a name in IP address.
In case of failure, My/2 removes a window with the message on a error on
each record VIRTUAL_USER in a file of a configuration, which she ßould not
resolv in IP address.
The virtual users it is possible to add and in a operating time of the
program. Such users are valid up to following restart My/2 ( User/Virtual/Add ).
The virtual user can be removed ( User/Virtual/Delete ). The removal occurs
only on a current session. If want to delete the virtual user in general,
take advantage of a window of a configuration.
The first time try to create virtual user from a window of a configuration.
If the user is entered from a window of a configuration, he falls in a
configuration file and at following restart will be restored.
ATTENTION!!!
Be afraid to create the virtual users with same Login, as at the usual user !!!
15. The remote users
The remote users this those, who authority to execute any
action on My/2 server remotely on TCP/IP. So from any point Internet
user can go on My/2 server and to execute on it commands, determined to him
in his rights. For a configuration of the remote user in a file of
configuration My/2 server following parameters answer:
RUN_SERVER, MAX_CLIENTS, CLIENT_REFRESH, CLIENT_TIMEOUT, CLIENT_DEBUG_LEVEL,
REMOTE_USER. See item 4.
Basically for pass on My/2 server it is enough Telnet. he needs
to be let so: "telnet -p PORT MY2_SERVER_ADDRESS".
In a given moment 06.02.98 I not yet have the specialized clients
for My/2. But has already begun a spelling. The customers will be:
1. Under OS/2 on CPP or Sibyl
2. Under Windows on Delphi
3. And on Java in the kind Applet
Dialogue of the client with server is follows:
┌──────┐ ╔══════╗
│Client│ ║Server║
└──────┘ ╚══════╝
╔═══════════════════╗
║Hello ║
╚════════╤══════════╝
│
┌────────┴──────────┐
│Authorization │
└────────┬──────────┘
┌─────────────────┤
│ ╔════════┴══════════╗ NO
│ ║Authorizatino OK ? ╟────────┐
│ ╚════════╤══════════╝ │
│ │YES │
│ ╔════════┴══════════╗ │
│ ║Wait for commands ║ │
│ ╚════════╤══════════╝ │
│ │ │
│ ┌────────┴──────────┐ │
│ │Command │ │
│ └────────┬──────────┘ │
│ │ │
│ ╔════════┴══════════╗ NO │
│ ║Authorizatino OK ? ╟────────┤
│ ╚════════╤══════════╝ │
│ │ YES │
│ ╔════════┴══════════╗ │
│ ║Process the command║ │
│ ╚════════╤══════════╝ │
│ │ │
│ NO ╔════════┴══════════╗ │
└────────╢It is EXIT ? ║ │
╚════════╤══════════╝ │
YES ├───────────────────┘
╔════════┴══════════╗
║ Good bye ║
╚═══════════════════╝
15.1 Return Codes from server
200 - The command is recognized and executed
250 - Any information
300 - Warning
400 - Error or refusal to execute a command
15.2 Example of session
-> Send to server
<- We receive
--------------------------- cut here -----------------------------------
<-200 Hello, 194.84.32.71 What do You want from me?
->301 alex humptydumpty
<-200 ID 0 ADDRESS 194.84.32.71 REFRESH 3 RIGHTS 001002003004005006007
->01
<-200 2
<-LAN0 DIX + 802.3 10000000 194.84.32.71 CARD0 1998.02.06 14:28:36 4723583 3796803 1299 LAN interface 0
<-VRT3 Virtual3 777777 195.17.106.1 Anons 1998.02.06 14:28:36 0 0 0 0 AO Anons
->02
<-400 USE: "2 LOGIN COMPORT"
->03
<-400 USE: "3 LOGIN COMPORT INTNAME IPADDRESS"
->04
<-400 USE: "4 LOGIN COMPORT INTNAME IPADDRESS"
->05
<-400 5 LOGIN COMPORT INTERFACE IPADDRESS (6 LOGIN COMPORT INTERFACE IPADDRESS)
->06
<-400 5 LOGIN COMPORT INTERFACE IPADDRESS (6 LOGIN COMPORT INTERFACE IPADDRESS)
->07
<-200 CONFIG FOLLOW
<-ETCPATH "D:\MPTN\ETC
<-CFGPATH "D:\MPTN\ETC\my.cfg
<-STAT_TIMEOUT 6
<-INACTIVE_TIMEOUT 1
<-REFRESH_INTERVAL 3
<-STAT_PATH "D:\WORK_PRG\OBJ\My\BACK
<-COMUSER_PATH "D:\UUCP\PPP\CURRENT
<-PASSWD_PATH "D:\UUCP\CONFHOST\passwd
<-IPANALIZE_MODE 7
<-IPANALIZE_INTERFACE "lan0
<-SRC_MASK "*".. *. * "
<-DST_MASK "*".. *. * "
<-MAIN_WINDOW_REFRESH 10
<-PPP_TYPE 1
<-DELETE_EXEC_PGM " D:\WORK_PRG\OBJ\My\ddd.cmd %s -d "
<-DELETE_EXEC_PGM_CTRL 2
<-DELETE_EXEC_PGM_FGBG 0
<-CLOSE_EXEC_PGM " D:\WORK_PRG\OBJ\My\ccc.cmd %s -c "
<-CLOSE_EXEC_PGM_CTRL 5
<-CLOSE_EXEC_PGM_FGBG 1
<-DEBUG_LEVEL 5
<-MAIL_SERVER "194.84.32.67
<-MAIL_DOMAIN "sura.com.ru
<-PROTECTED_COM " alex alx sanek vasia "
<-PROTECTED_USER " com2 com3 com4 "
<-VIRTUAL_USER " Anons AO_Anons 195.17.106.1 "
<-REMOTE_USER " alex qwerty 001002003004005006007 "
<-REMOTE_USER " gonza asdfghjkl1 001004005006007 "
->02 Anons VRT3
<-400 USER "Anons" CANNOT BE DISCONNECTED
->05 Anons VRT3 195.16.107.1
<-300 NO TRAFFIC FOUND FOR 195.16.107.1
->05 CARD0 LAN0 194.84.32.71
<-200 4 *. *. *. * *. *. *. * 0
<-194.84.32.71 194.84.32.71 304 2 0 0 0 0
<-194.84.32.67 194.84.32.67 220 1 0 0 0 0
<-194.84.32.71 194.84.32.71 18551 395 0 0
<-194.84.32.71 194.84.32.71 484 2 0 0 0 0
->300
<-200 Good bye 194.84.32.71
--------------------------- cut here -----------------------------------
I shall be grateful for all remark, questions, proposal.
------------------------------------------------------------------------------
Alexandr A. Ivanov
Phone: +7(8412) 55-23-67
+7(8412) 55-39-67
Email: alex@sura.com.ru
home page URL: http://penza.sura.com.ru/~alex
home page My/2: http://penza.sura.com.ru/~alex/moreos2.html
------------------------------------------------------------------------------
