home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
ftp.wwiv.com
/
ftp.wwiv.com.zip
/
ftp.wwiv.com
/
pub
/
MISC
/
TGARTS.ZIP
/
ACS.DOC
next >
Wrap
Text File
|
1999-12-13
|
22KB
|
394 lines
Everything you wanted to know about Telegard ACS but was afraid to ask
by Scott Adams (Telegard Beta Site)
This article will attempt to describe the ACS system that is used
by the Telegard BBS Software. Hopefully this article will help you
to organize and improve your system in various ways.
* What is ACS?
Some out there might not even know what ACS is much less understand
how to use it. ACS is a old BBS software term that came about when the
first modern BBS softwares came out in the late '80s. What it exactly
stands for is lost for history. But most believe it stands for Access
Control System or Access Central System. Don't worry what it stands
for but what it does. ACS is a style of organization and security for
BBS software. We will touch on the Telegard ACS here in this article.
* Who should use the ACS system?
Every Telegard sysop out there should utilize the full ACS system
to their advantage to improve their security and organization.
* Why use the ACS System?
The three main reasons to use the ACS for your BBS are:
o Organization: You should use it to group things into Telegard
groups or conferences.
o Security: ACS will allow you to have a totally secure system.
o Control: Through ACS you can control things your BBS does like
events, chats and other things.
* When should ACS be used?
This is a personal decision but the more you get into the ACS and
understand its uses then you should use it at all times to your full
advantage. It is not required to use any of the ACS on your bbs but
if you do not you could have a very unorganized and insecure system.
The default Telegard setup (out of the box) uess preset ACS for menus
and things already so don't panic if you don't. The default ACS
setup will be enough for you to work Telegard right from the start.
But you should eventually organize and customize your system.
* How can I use this ACS stuff?
By now I hope you are interested in the ACS system. If so then good
it takes a dedicated sysop to customize a bbs and to win in the end.
First thing you should do is print or view the ACS.REF reference file
which is located in your Telegard \Docs directory (docs is off your
main Telegard directory). This file contains the various codes and
terms and is the reference sheet you will need to use the ACS system.
That file contains all the documentation on the ACS system you will
ever need. When new versions of Telegard come out you should check
this sheet for changes or additions.
I will show examples and use of the ACS functions for the following
areas of Telegard:
* Menus * Events
* Doors * Security
* Messages * Scripts
* Files * Other
An example of a ACS string or line is: s50&G@.
Don't panic if this conufuses you It first. This line is read or
translated as "security level 50 AND Group @".
For ACS to work all values in the line or statement MUST apply or
the operation will not work. So from the above the user must have
SL 50 AND be IN group @ to work for this ACS item.
ACS case sensitivity does not matter much so you can use uppercase
or lowercase parameters.
The first thing we should cover is the hardest concept of ACS that
most new sysops have - operators. This system is just like Mathematical
operators however so if you understand that you should have no problems.
The order the ACS is read is the same as mathematics and beyond the
scope of this article. The operators are:
relational
operator meaning example
& AND s50&FB
| OR s50|GC
! NOT s60&!FZ
() Grouped ACS s50(C@|CG)
^ TRUE ^
% FALSE %
The AND operator (&) means the values are together grouped. Here is
a tip if you are limted on ACS space. The & operator does not need to
be on the line in many cases. It is assumed by default to be that way.
When to use it however is in cases where you need to group or have a
complex ACS string. So the above s50&FB line is the same as s50FB.
All the other operators though are not assumed and should be used. The
AND means that ALL must apply to work. If one item in the section is
false then the acs will fail. In th ebove if the user is SL 60 and
does not have flag B then the ACS fails.
The OR operator (|) means the values can be EITHER or to work. In
the above example - s50|GC means the user must have security level 50
OR be in group C. If either are true then the ACS will work. If both
apply then it works but if both fail then the ACS will fail.
The NOT operator (!) is used when you need to exclude something
the user might have. The above s50&!FZ (the & can be deleted) is read
as "security level 50 and above AND must not have flag Z". If the
user has flag Z then the ACS fails but if he doesn't and is SL50+ then
it will work.
The grouping () operators are like math to organize items. Telegard
ACS will perform all the ACS items in that () group before it performs
the rest of the items. In the above example s50(C@|CG) it is read as
"user is in group @ OR group G AND (implied) is security level 50 or
above". If any item in the () group fails then the ACS fails before
the outer parts are even checked. Some might have done (s50&C@)|(s50&CG)
which is the same but takes up alot more space. So you can see how
a simple () group can save space.
True (^) and false (%) are the least used acs items because they
can be confusing at times. The default setup for TG has an example
of both in the message editor. Load up the default message base
and you will see reading/posting ACS lines. It will be ^ and then
network acs below is %. Generally these operators are used as a sole
operator. The reading default means that everyone will have the access
to read that sub since the ACS is true. I personally would stay away
from these 2 since they can be misleading and confusing and just use
the others to their fullest.
You should develop a ACS access and user scheme for your bbs. You
will notice Telegard has a Validation system (hit S from WFC then V)
which you can setup 26 validation levels. You might want to give
a certain level say V for visiting sysops and A-E for regular users and
G-I for special users and Y-Z for co and sysop. This way you can just
validate (through function keys or Call back door) to certain pre defined
levels. I recommend before you customize your ACS system you devise a
plan for your BBS. Ask yourself what will unvalidated users be at (by
default that's just s25 (security level 10)). What will be your validated
users that pass your inspection or Callback door (normally this is s50)).
Should some users have flags? Many questions like this should be planed
out before customization.
Now we should give examples of their uses to show you the power
of the ACS. By default telegard has ACS pretty much everyone to
secure basic setup. If you are a new sysop and using default menus
then take a look at the menu editor and the various menus. You
will notice the menu itself (hit T to toggle the display during
the editing of a menu) has a ACS and each menu item/command can
have its own ACS item. If you have a menu which you don't want
certain users to access (say the sysop menu or a private chat
menu for selected users) you could give it an acs of say "FA" which
means they must have Flag A to access the menu, otherwise they will
not be able to access it. This gives you control for which users
can use which sections of your bbs. Each menu command should have
its own ACS. Blank ACS means that EVERYONE will have access to use
this item which is obviously dangerous. So you should edit the
ACS to fit your validation/user access scheme. IF you want only
validated users to access the bbs list then give it your ACS for
validated users (say s50 by itself). The most common reason ACS is
used in menus is to control access to certain parts of Telegard by
the sysop. Without this system in place your users would access many
things you don't want them to. Some examples I personally use follow.
I use a menu FIRST.MNU that is loaded BEFORE my main menu (my start
menu which can be defined in Telegard). In this menu I perform
various checks on users and then perform actions depending on that
access or their validation level. I am showing here screen shots:
3. Keys FIRSTCMD
4. Command -L - Display a line of text
5. Options "> You need to first read the BBS Rules! <"
6. Access "FY!S11"
This menu item which is run on the first time the menu is loaded
(via FIRSTCMD for details read \docs\menus.ref) is to tell the user
they will need to read the rules first. The Access for this is
in item 6 and is read as "user has Flag Y AND (assumed) is NOT above
security level 11". If the ! was missing it would only work for SL11+
but this is for NEW USERS (ie sl10 here). The Flag Y is used for
my new user validation level (A) adn will be eventually removed in a later
menu item in this FIRST menu. If the user is SL1-10 but does not have
flag y this line will not show up since both are required. The reason
is the user needs only to read the rules ONCE. Once the rules are
read I remove the flag from their account via:
3. Keys FIRSTCMD
4. Command OF - Set AR Flags (Set 2)
5. Options "-Y"
6. Access "!S11"
Again see menus.ref for details.
The menu will also display a file to GUEST users using the guest
account. Guest account (validation level H here has flag G given
to this one slot). Thus:
3. Keys FIRSTCMD
4. Command -F - Display file (def. Paging)
5. Options "guest"
6. Access "FG"
Will only display the file if they have flag G otherwise the menu
item fails its ACS and is ignored.
Lastly in our example of the menus use I will show that if the
user has read the rules and is a NEW user they will then be shown
a file explaining they must use the Callback door.
3. Keys FIRSTCMD
4. Command -F - Display file (def. Paging)
5. Options "use.msg"
6. Access "!s11"
Then the main menu is loaded which if they are a new user due to the
ACS setup of this menu (main.mnu) they can only use the Callback door
and a few other commands. They can enter various parts like the bbs
list and view the list but due to the ACS of the bbslist.mnu can NOT
add to the menu. They can view the online games list but NOT play
in any games. Same for guests they can not download and not play
in any games. I hope these short examples will show the power of the
ACS system that can be used in the menus.
Doors or Online Games like LORD, BRE and such can be controled
through ACS items as well. You might have some adult doors which
can only be allowed in by say a Male of age 18 or above (no females).
How would you do this? Consulting the ACS.ref you see A which is
the Age acs parameter and G which is the Gender parameter. For this
particular door you would use "s50a18gM" which is read as "the user
must have security level 50 (validated user) AND be of age 18 or older
AND be of a male gender". There are ways you can even control door
use during time periods of the day. I will let you consult acs.ref
to see if you can figure out how on your own.
Message and file bases work the same way in terms of ACS. ACS works
well here with groupings or conferences. If you have more than one
message or file network (say Fidonet, ABCNet, XYZNet) you should group
all their message and file bases of that individual network into their
own groups or conferences. This is done through the system manager ->
group manager. For example create groups A (ABCNet), F (Fido), and
X (XYZNet). You would then assign the reading/posting ACS to only
those groups. You should also create a Global or Superconference in
which once joined you can read every message or file base there is
and they should have access to (so group G is global for example). Here
is an example of a few message bases:
A. Description Fringe Gatemail -Netmail
G. Posting ACS "s50"
H. SysOp ACS "s255"
I. Network ACS "%"
The ACS in message bases are G-I. Posting ACS is the ACS for
the user to post in that message base while Sysop ACS is for co-sysop
message base commands. Network ACS is used mainly in offline mail
readers. As you can see a user must be validated (sl50+) to post in
this message base.
A. Description Fringe Sci-fi
E. Area type Local
F. Reading ACS "s50(C@|CG|CH)"
G. Posting ACS "s50(C@|CG|CH)"
H. SysOp ACS "s255"
I. Network ACS "%"
This is a local message base that is for sci-fi related topics.
From F-I you can see the ACS items. Here is an example of the grouping
I use on my bbs. From the reading/posting ACS the user must be SL 50+
AND be in either group (Cx is group ACS item) @ (which is default to
be the main or local group OR in the Global group (CG) or in the sci-fi
echos group (CH-I store only sci-fi echos in this group). This allows
the user to access the base in those 3 groups but not in say Fido which
is the F group (CF for ACS).
Groups or conferences are highly suggested for every bbs to help
you organize things. You should have one group for every network at
the bare minimum. Plus one for local bases (not echomail - default @)
and a global/superconference for all the echos. This will help you and
your users to find message bases faster for reading and posting. With
the newest version of Telegard you can have distinct File and message
base groups. So jump in and experiment with each and use them to your
full advantage.
File bases have the same ACS method as the message bases and I will
show one example here:
A. Description Uploads Go Here!
B. Filename UPLOADS
G. List ACS "s10"
H. Names ACS "s60"
I. Upload ACS "FU"
K. Download ACS "s50"
L. SysOp ACS "s250"
This is my uploads directory which is the only file base files can
be uploaded to directly. ACS in file bases are options G-L as you can
see from the above. List ACS (G) is the ACS for users to list the file
base in newscans or via the file commands otherwise they do not see it.
By the above example a unvalidated user can view this particular base.
Names ACS is the ACS required to view uploader names on the files
in this case its a higher level than validated users. Upload ACS is the
acs required to upload files to this base. You will notice it is FU which
is read as "user must have flag U" I don't allow everyone to upload but
certain users that I give them the U flag otherwise they can't upload at
all. Download ACS is that which is required to download files from. In
this case you must be validated to download from here. Sysop ACS is for
file base co-sysops or sysops to do the various sysop functions. So in
conclusion a user can view the base but not download until validated
and not view uploader names until he reaches SL 60 or above.
Telegard events are very versatile and powerful. Without going into
large details that are beyond the scope of this article the events allow
you to schedule various things like chats or times certain users can
be online. I will show just one example of an ACS event. This is an
event in which only users with the defined ACS can login. This example
I made up to show:
A. Active Yes
B. Description Adult Female hour at BBS
C. Event type Login ACS Restriction (A)
D. Execute time 01:00
E. Duration 30 minutes
Event Range 01:00..01:30
F. Options s50GFa18
G. Days active -----F-
K. Nodes Node 1
In this example I allow only females (GF acs) who are validated (s50)
and are age 18 or above (a18) to login. The ACS is in item F. This
means the bbs only allows these females from 1 to 1:30pm on fridays to
login and no one else.
The powerful scripting language also allows you to use ACS in its
scripts. An example comes default with Telegard and that's the logon.scr
which controls the logon sequence.
; LOGON.SCR Last Modified:
; July 13, 1998
[snip of other items]
;
ACS R8 PUTNL "`07Account limits ......: `0B~RC calls per day
and ~RT minutes per call"
ACS !R8 PUTNL "`07Account limits ......: `0B~RC calls per day
and ~RT minutes per day"
Note: The ACS lines are actually ONE line.
The Rx acs item in acs.ref is a flag check for restrictions. In this
case R8 means the user (if he has the restriction) is limited to time
per call per the system setup. The logon script will check for the
restfiction and if so display to the user their minutes per day otherwise
the other one (!R8 - NOT restricted) then they are showed minutes per day.
There are many other areas where the ACS in Telegard can be used. For
example every language file you can can have its own ACS so that only
certain users with that ACS might see their own language files and
strings. Every Telegard node (if multi-node) can have its own node
ACS to restrict some nodes to only allow certain users. File protocols
like Zmodem can also be used with ACS restrictions. Even the voting
booth can allow you to restrict who can vote and which users can add
their voting answers. This is only a portion of the various methods
and areas you can use it.
Telegard is already quite secure on its own but if you need further
documentation on Telegard security consult the FAQ set that is posted
in the Fido Tg_support echo by Carol Shenkenberger or can be found
to download as well. But be warned if you good up the ACS security
can be compromised. Don't let this dismay your action of using it though.
The most common mistakes are typos in the ACS string so verify it before
you begin. If you use a1850 and it should've meant a18s50 then the ACS
will only allow those over age 1850 so it will mess up unless the S is
in there.
By now you should have some understanding of how ACS works in Telegard.
I will now cover some ACS items from acs.ref that might be vague and give
an example.
#C - say you want to display a line of text for only users who used
the Callback door but were long distance. The Callback door gave the user
"LCBV" so you could use #C"LCBV" in your ACS string.
B - Baud rate check. Say you have slow 2400 bps callers and want
to tell them doors will be slow via a ansi file. The ACS string would
then be B24.
C/D- Group ACS. The difference is that Cx is used for message groups
and Dx is used for the file group.
E/F- User flag ACS. There are two sets of flags every user can have
giving them up to 52 flags per user. E is for flag set 1 and F for 2.
G - Gender ACS. Only 2 values here F)emale or M)ale.
H - Hour of day. Say you want to allow a door use after a certain
hour of the day you can do it with this ACS. For example H10 would
allow use of the door after 10am.
I - User ID. This could be useful for displaying a file to a certain
user via the logon.scr.
J/K- Board ACS. You would use this if you wish to check to see if
the user is on a particular message/file base.
Y - Hours of the day. This ACS item is useful to for example allow
a door to be accessed only after noon. Since noon is 12 hours after
midnight it would be 720 minutes so you could use Y720 as the string.
The other ACS items should be self-explanatory and easy to understand.
In conclusion the Telegard ACS system is by far the most powerful tool
in the customization of Telegard and security. So use it wisely and to
your full advantage for a full and complete bbs setup.
To contact me if you have comments or feedback:
Scott Adams - Fringe BBS
email: longshot@darktech.org
website: http://users.cybermax.net/~longshot
ICQ #: 24436933 FidoNet netmail : 1:112/91
IRC Nick: Longshot
FidoNet Telegard support echo - TG_support