
FTP servers in BS2000


The FTP server accepts requests from FTP clients on the local network and executes them.

An FTP server on a BS2000 partner system can, of course, only be used if the administrator has started it.

Figure 1: FTP server in BS2000

In the sections that follow, the host with the FTP server is referred to as the remote host so that the description of the server is consistent with that of the client (although from the viewpoint of the server, the local system is its own host).

Mode of operation

For each connection request from a client (open command), the server generates a separate BS2000 task. The data required to initiate this task (user ID, account number, password) is requested from the client. A program (FTPDC) is then initiated to execute the actual file transfer and the local file accesses initiated by the client. The DMS access rights in BS2000 (RDPASS, WRPASS, EXPASS, SHARE=YES|NO, ACCESS=READ|WRITE) as well as the access permissions in POSIX are both taken fully into account.

When multiple clients log on to the server at exactly the same time, a connection request may be rejected. If this occurs, the client must repeat the connection request.

Password protection

In BS2000, individual DMS files can be protected by passwords. The FTP server in BS2000 expects function calls with file names in the form

filename,C'password' or filename,X'password'.

Note, however, that this does not apply to the POSIX file system.

Example

A command is issued from a Unix system (file name: ZWATON) to overwrite the BS2000 file ANTON, which is protected by a read password OTTO:

put ZWATON ANTON,C'OTTO'

Files that are protected by different passwords (e.g. RDPASS=C'OTTO' and WRPASS=C'KARL') cannot be addressed directly. At least one of the two passwords must have been entered earlier with the site exec function of the quote command:

quote site exec PASSWORD C'KARL'

quote site exec may only be used

  • when FTP access is not controlled with FTAC and

  • if it was not deactivated using the server option -disableSiteExecCommand (see the “interNet Services Administrator Guide”).
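Because the file password travels as part of the file-name argument (and of the site exec PASSWORD call), it appears wherever FTP commands are recorded. The following added example, which is not part of the manual, masks these passwords in a command log before it is stored or shared; the function name, the log layout (one command per line) and the sample lines are assumptions, and passwords are assumed to contain no apostrophe.

```python
import re

# ,C'...' / ,X'...' suffix that carries a DMS file password after a file name.
FILE_PW = re.compile(r"(,[CX]')[^']*(')", re.I)
# PASSWORD C'...' passed to the remote system via "site exec" (or bare "site").
EXEC_PW = re.compile(r"(\bsite\s+(?:exec\s+)?password\s+[CX]')[^']*(')", re.I)
# Login password sent with the pass server command.
LOGIN_PW = re.compile(r"^(\s*pass\s+)\S.*$", re.I)

RULES = [
    ("login password", LOGIN_PW, r"\1***"),
    ("site exec password", EXEC_PW, r"\1***\2"),
    ("file password", FILE_PW, r"\1***\2"),
]

def redact_session(lines):
    """Return (redacted_lines, findings); findings are (line_no, kind)."""
    redacted, findings = [], []
    for no, line in enumerate(lines, 1):
        for kind, pattern, replacement in RULES:
            line, hits = pattern.subn(replacement, line)
            if hits:
                findings.append((no, kind))
        redacted.append(line)
    return redacted, findings

# Constructed command log; file names and passwords are those of the examples above.
SAMPLE = [
    "USER USER1",
    "PASS secret",
    "SITE EXEC PASSWORD C'KARL'",
    "STOR ANTON,C'OTTO'",
    "RETR ANTON",
]

if __name__ == "__main__":
    lines, found = redact_session(SAMPLE)
    print("\n".join(lines))
    print(found)
```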

PASSIVE mode

PASSIVE mode enables a file transfer between two servers to be initiated from a client. The FTP client in BS2000 supports this procedure via the client command proxy (see "proxy - Controlling a connection to two remote systems").

In the BS2000 FTP server this functionality is supported by the server commands PASV and EPSV. In the BS2000 FTP client PASSIVE mode can be selected using the client command passive (see "passive - Enable/disable PASSIVE mode").

In PASSIVE mode, the server is made to wait at a data port for a connection request instead of actively setting up a connection itself. The connection is set up between the two server tasks via the first line address generated. If this line does not support connection between the two servers, the connection request is refused (return code 425, can’t build data connection).

PASSIVE mode is also used when an FTP server is to be accessed behind a firewall as connections from the server often cause conflicts with the firewall rules. For this reason many clients use PASSIVE mode by default.

Scope of implementation

The functions of an FTP server are implemented in standardized protocol elements (server commands).

The following table contains a summary of the functions of the FTP servers in BS2000.

| Server command | Server function | BS2000 (DMS) | BS2000 (POSIX) | Corresponding (k) / Issuing (a) client command |
|---|---|---|---|---|
| acct | State account number | + | + | |
| abor | Abort file transfer | + | + | |
| allo | Allocate memory | (+) | (+) | |
| appe | Append file to existing file | + | + | append (a) |
| auth | Initiate TLS connection | + | + | open (a) |
| ccc | Enable/disable TLS security for the control connection | + | + | ccc (a) |
| cdup | Change to the next higher working directory (POSIX) or remove partial qualifier (DMS) | +(1) | + | cdup (a) |
| cmod | Enable 1:1 transfer | + | + | copymode (k) |
| cwd | Change working directory (POSIX) or remove partial qualifier (DMS) | + | + | cd (a) |
| dele | Delete file | + | + | delete (a) |
| eprt | Extended port command for IPv6 | + | + | |
| epsv | Extended passive command for IPv6 | + | + | |
| feat | Show new features of the server | + | + | |
| help | Request help | + | + | remotehelp (a) |
| list | List file names and directories | + | + | dir (a) |
| mdtm | Show date and time of last change to file | + | + | |
| mkd | Make directory | - | + | |
| mlsd | List file names and file properties | + | + | mlsd (a) |
| mlst | List file properties | + | + | mlst (a) |
| mode | Define transfer mode | + | + | mode (a,k) |
| nlst | List file names | + | + | ls (a) |
| noop | No operation | + | + | |
| opts | Specify options | + | + | |
| pass | State password | + | + | |
| pasv | Set PASSIVE mode | + | + | |
| pbsz | Assign memory for data encryption | (+) | (+) | private (a) |
| port | Define data connection port | + | + | |
| prot | Enable/disable encryption of data connection | + | + | private (a) |
| pwd (same as xpwd) | Show current working directory | + | + | pwd (a) |
| quit | Terminate session | + | + | close (a) |
| rest | Specify position in file where data transfer is to commence | + | + | reget (a), reput (a) |
| retr | Retrieve a file | + | + | get (a) |
| rmd (same as xrmd) | Remove directory | - | + | |
| rnfr | Rename a file, output old name | + | + | rename (a) |
| rnto | Rename a file, output new name | + | + | rename (a) |
| site | Prefix for BS2000-specific FTP server functions | + | + | |
| size | Output file size | + | + | |
| stat | Show server status information | + | + | status (k) |
| stor | Store file | + | + | put (a) |
| stou | Store files with unique names | + | + | put (a) |
| stru | Define transfer structure | + | + | struct (a+k) |
| syst | Show system information on the server | + | + | system (a) |
| type | Define transfer type | + | + | type (a+k) |
| user | Define user ID | + | + | user (a) |
| xcup (same as cdup) | Change to the next higher working directory (POSIX) or remove partial qualifier (DMS) | +(1) | + | |
| xcwd (same as cwd) | Change working directory (POSIX) or remove partial qualifier (DMS) | + | + | |
| xmkd | Make directory | - | + | mkdir (a) |
| xpwd | Show current working directory | + | + | pwd (a) |
| xrmd | Remove directory | - | + | rmdir (a) |

FTP server functions

Key

+       The function is implemented.
(+)     The function is implemented as a dummy function.
-       The function is not implemented.
(a)     Client command issues the server command.
(k)     Client command has the same meaning as the server command.
(a+k)   Client command has the same meaning as the server command and issues the server command.

(1) On the BS2000 server, cdup and xcup achieve the function "Change working directory" by removing a partial qualifier.


BS2000-specific functions of the FTP server

The following table provides an overview of the BS2000-specific functions of the FTP server.

| Server command | Server function | BS2000 (DMS) | BS2000 (POSIX) | Corresponding (k) / Issuing (a) client command |
|---|---|---|---|---|
| cmod | Enable 1:1 transfer | + | + | copymode (k) |
| exec | Forward command to remote operating system | + | + | |
| file | Change DMS file attribute | + | + | file (k) |
| ftyp | Change file editing type | + | + | ftyp (k) |
| help | Information on FTP commands | + | + | help (k) |
| modc | Modify character string for switching between POSIX / DMS | + | + | modchar (k) |
| setc | Change code tables | + | + | setcode (k) |
| sfil | Enable/disable special EOF marker for PAM files; enable/disable filling of blank SAM records | + | (+) | setfile (k) |
| sopt | Set variables controlling server behavior | + | + | set (k) |
| svfs | Enable/disable TVFS | + | + | |
| trce | Enable/disable debug output and Socket trace | + | + | debug (k) / trace (k) |
| exit | Define parameters for exit routines | + | + | rexit (a) |

BS2000-specific FTP server functions

Key

+       The function is implemented.
(+)     The function is implemented as a dummy function.
(k)     Client command has the same meaning as the server command.

It is recommended that BS2000-specific FTP server functions always be called with the prefix site. For compatibility reasons, the file, ftyp, modc and setc commands can currently still be used without a preceding site.

However, it is strongly recommended, particularly when creating procedures, to use the current form with a preceding site to prevent problems that may arise if the FTP standard is extended.

If site is not followed by any of the commands listed in the table, site is interpreted in the same way as site exec. The string following site is then forwarded as a command to the remote operating system and is interpreted as in earlier FTP server versions.
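The fallback described above means that a site call with an unlisted word reaches the remote operating system just like site exec. The following added example, which is not part of the manual, classifies recorded commands accordingly so that forwarded commands can be picked out of a session log; the function names, the result labels and the sample lines are assumptions, and the function list is the one in the table above.

```python
# Functions the table above lists as BS2000-specific (valid after "site").
SITE_FUNCTIONS = {"cmod", "exec", "file", "ftyp", "help", "modc",
                  "setc", "sfil", "sopt", "svfs", "trce", "exit"}
# Commands the text says still work without "site" for compatibility.
BARE_COMPAT = {"file", "ftyp", "modc", "setc"}

def classify(command):
    """Return (kind, payload) for one recorded command line.

    kind: 'os-command'    string is forwarded to the remote operating system
          'site-function' listed BS2000-specific function called via site
          'legacy-form'   file/ftyp/modc/setc sent without the site prefix
          'other'         anything else
    """
    text = command.strip()
    verb, _, rest = text.partition(" ")
    verb, rest = verb.lower(), rest.strip()
    if verb == "quote":                 # client wrapper: inspect what it sends
        return classify(rest)
    if verb in BARE_COMPAT:
        return ("legacy-form", text)
    if verb != "site" or not rest:
        return ("other", text)
    func, _, args = rest.partition(" ")
    if func.lower() == "exec":
        return ("os-command", args.strip())
    if func.lower() in SITE_FUNCTIONS:
        return ("site-function", func.lower())
    return ("os-command", rest)         # unlisted word: handled like site exec

def forwarded(lines):
    """Return (line_no, payload) for every line handed to the remote OS."""
    hits = []
    for no, line in enumerate(lines, 1):
        kind, payload = classify(line)
        if kind == "os-command":
            hits.append((no, payload))
    return hits

# Constructed session log; commands are taken from the examples on this page.
SAMPLE = [
    "quote site exec PASSWORD C'KARL'",
    "SITE PASSWORD C'KARL'",
    "quote site ftyp binary",
    "quote ftyp binary",
    "STOR ANTON",
]

if __name__ == "__main__":
    print(forwarded(SAMPLE))
```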

Calling the FTP server functions via the FTP partner client

For most FTP server functions, there is a corresponding command call on the partner client. If a function has no corresponding command call on the client, it can be called directly via the FTP server with the aid of the client command quote (see section “quote - Call server functions”).

In the case of FTP clients that do not offer any special input options for an account number (e.g. web browser), the account number can be appended to the user ID separated by a comma on the BS2000 FTP server.

There is no meaningful equivalent for the "Make directory" and "Remove directory" functions in the DMS file system on BS2000. As far as the POSIX file system on BS2000 is concerned, these functions are implemented within the framework of the POSIX support. The FTP client commands mkdir and rmdir can be used to create and remove directories in the POSIX file system.

Any server function of the partner system can always be called with the client command quote.

The server functions file, ftyp, modc, setc, sfil, svfs, cmod and exit are described in detail below. These functions exist only in the DMS file system in the BS2000 FTP server and must always be addressed via the client command quote.

  • The site exit function defines the parameter for the exit routines (see the “interNet Services Administrator Guide”). The exit command can also be sent to the server via the client command rexit (see "rexit - Define parameters for remote exit routines").
    Enter the following:

    quote site exit receive:<recv-parm>

    quote site exit send:<send-parm>

    quote site exit receive:<recv-parm>!send:<send-parm>

    e.g.: quote site exit receive:-C5!send:-D7
    quote site exit send:*NONE

  • The site file function defines the file attributes of a DMS file to be transferred on the remote system (i.e. the system on which the FTP server is running). The site file function corresponds to the client command file and is described in detail on "file - Define file attributes on local host".
    Enter the following:
    quote site file <remote-file,file-operand-list>
    e.g.: quote site file file1,fcbtype=sam

  • The site ftyp function defines whether the SAM files on the remote computer are to be processed as text or binary files. The site ftyp function corresponds to the client command ftyp and is described in detail on "ftyp - Specify processing type for files on local host".
    Enter the following:
    quote site ftyp <file-processing-type>
    e.g.: quote site ftyp binary

  • The site modc function defines the first character in the string for switching between the DMS file system and the POSIX file system. The site modc function corresponds to the client command modchar and is described in detail on "modchar - Modify character string".
    Enter the following:
    quote site modc <character>
    e.g.: quote site modc $

  • The site setc function is used to set the character set names (CCSN) for character set conversion. The site setc function corresponds to the client command setcode and is described in detail on "setcode - Change code tables".
    Enter the following:
    quote site setc <Host CCSN> <Net CCSN>
    e.g.: quote site setc EDF049 ISO88599

  • The site sfil function defines special modes of operation for transferring files and corresponds to the client command setfile, which is described in detail on "setfile - Enable/disable file marker".
    Enter the following:

    quote site sfil datend on | off | lbp
    Enable/disable the special EOF marker (default: enabled) or use the new EOF marker mode Last Byte Pointer (LBP).

    quote site sfil pademptyrec on|off
    Enable/disable filling of blank SAM records (default: disabled).

    e.g.: quote site sfil datend off
    quote site sfil pademptyrec on

  • The site cmod function (see the description of the client command copymode on "copymode - Enable/disable 1:1 transfer of BS2000 disk files").

  • The site svfs function enables/disables TVFS for the corresponding session.
    Enter the following:

    quote site svfs on | off
    Enable/disable TVFS.

    e.g.: quote site svfs on

  • The site sopt function allows the setting of variables controlling the FTP server behavior. So with

    quote site sopt assignCCSNtoFile NO | YES

    the automatic assignment of the COD-CH-SET file attribute when writing a file can be (de)activated.

    e.g.: quote site sopt assignCCSNtoFile YES activates this assignment, so with transfer type ascii the written SAM file is assigned the currently set Host CCSN as its COD-CH-SET attribute.

FTP server commands, which support the restart capability of the FTP client

The following FTP server commands support the restart capability of the FTP client and FTP server:

  • mdtm

  • size

  • rest

mdtm - Establish the date and time of the last file change to date

The mdtm command provides the date and time of the last change to a file to date:

Message: 213 <YYYYMMDDhhmmss>

mdtm <file>

<file>
    File for which the mdtm command supplies the date and time of the last change.

Example

quote site mdtm testdatei

213 20101015204331

size - Establish the size of a file

The size command specifies how many bytes were transferred via the network when this file was transferred. The current settings for mode, type, struct and ftyp are taken into account here. The size command is rejected with an error code for mode <> stream.

It can occur that the size command is disabled for technical reasons on a BS2000 FTP server.

Message: 213 <size of file (in bytes)>

size <file>

<file>
    File for which the size command supplies the size.

Example

quote size test file

213 498665

rest - Specify file position where a data transfer should begin

The rest command specifies any byte position at whose corresponding file position (instead of file start) a file transfer initiated by a subsequent stor or recv command should begin.

rest <position>

<position>
    Byte position at whose corresponding file position the next file transfer should begin.

Command for showing the server features

The FTP server supports the FEAT command (RFC 2389). By default, FEAT reports support of the EPSV, EPRT, SIZE, MDTM and REST STREAM commands. Support of SIZE is not indicated if SIZE has been disabled via server option -disableSizeCommand (see the “interNet Services Administrator Guide”).

If TLS support of the FTP server is enabled, FEAT also reports support of AUTH TLS, PBSZ and PROT.

If TVFS is enabled globally using the FTP server option, the FEAT command reports TVFS support.

In addition, support for the MLSD/MLST commands is reported initially via

MLST type*;size*;create*;modify*;perm*;unique*;UNIX.owner*;UNIX.group*;UNIX.mode*;

The list next to MLST indicates which facts the MLSD/MLST commands can supply about file system objects. An '*' marks the facts that are currently returned; you can use the OPTS command to change the set of facts returned. For details on TVFS, MLSD, and MLST, see RFC 3659.

FEAT
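Since FEAT reports AUTH TLS, PBSZ and PROT only when TLS support is enabled, and SIZE only when it has not been disabled, a FEAT reply can be used to check a server's configuration from the client side. The following added example, which is not part of the manual, parses a reply and lists what is not reported; the function names, the wording of the notes and both sample replies are assumptions (the replies are constructed from the feature lists given above).

```python
import re

def parse_feat(reply):
    """Return (features, mlst_facts) from a multi-line FEAT reply."""
    features, facts = {}, {}
    for raw in reply.splitlines():
        if not raw.startswith(" "):      # RFC 2389: feature lines are indented
            continue
        name, _, params = raw.strip().partition(" ")
        features[name.upper()] = params.strip()
        if name.upper() == "MLST":
            for item in filter(None, (p.strip() for p in params.split(";"))):
                # A trailing '*' marks a fact that is currently returned.
                facts[item.rstrip("*").lower()] = item.endswith("*")
    return features, facts

def audit_feat(reply):
    """List what the reply does not report: TLS, restart commands, TVFS."""
    features, _ = parse_feat(reply)
    notes = []
    auth = re.split(r"[\s;,]+", features.get("AUTH", "").upper())
    missing = [n for n in ("PBSZ", "PROT") if n not in features]
    if "TLS" not in auth:
        missing.insert(0, "AUTH TLS")
    if missing:
        notes.append("TLS not fully reported: missing " + ", ".join(missing))
    checks = (("MDTM", "MDTM" in features),
              ("SIZE", "SIZE" in features),
              ("REST STREAM", features.get("REST", "").upper() == "STREAM"))
    for name, present in checks:
        if not present:
            notes.append("restart command not reported: " + name)
    if "TVFS" not in features:
        notes.append("TVFS not reported")
    return notes

# Constructed replies: the default feature list, then one with TLS and TVFS.
DEFAULT_REPLY = (
    "211-Features:\n EPSV\n EPRT\n SIZE\n MDTM\n REST STREAM\n"
    " MLST type*;size*;create*;modify*;perm*;unique*;"
    "UNIX.owner*;UNIX.group*;UNIX.mode*;\n211 End\n")
TLS_REPLY = DEFAULT_REPLY.replace(
    " EPSV\n", " AUTH TLS\n PBSZ\n PROT\n TVFS\n EPSV\n")

if __name__ == "__main__":
    print(audit_feat(DEFAULT_REPLY))
    print(audit_feat(TLS_REPLY))
```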


FTAC interface

The advantages of the FTP protocol lie, among other things, in the fact that FTP client programs are standardized and hence widely used. When seen from a security aspect, however, it is not up to the usual standards prevalent in BS2000. In other words, anyone who knows your login-specific data can retrieve data from your user ID, save data to your user ID, delete data or change file attributes.
For this reason, interNet Services offers access to the FTAC interface for FTP. Access control and protection via openFT-AC has already been available for the File Transfer openFT for quite some time.

The following features are offered by FTAC to protect the BS2000 server:

  • Decoupling of FTP transfer admissions and login admissions

  • Access rights depending on partner systems

  • User-specific access rights

  • Flexible levels of access rights

  • Logging of every authorization check

  • Simple application

More detailed information on the FTAC support for FTP can be found in the chapter “FTAC interface” (see "FTAC interface").