NETINFO.COM PROGRAM
$! Review summary: per installation step 2 below, this procedure is run
$! through NETSERVER$COMMAND. It decodes the NCB held in the SYS$NET logical
$! name and sends a two-part report to the NETWORK and SECURITY operator
$! classes with REQUEST. The same details go to SYS$OUTPUT through LOG and
$! SHOW SYMBOL.
$!
$! PROGRAM is the banner text used in every log line and operator message.
$! LOG expands to a WRITE of timestamp + banner + whatever follows LOG.
$! Any warning or worse from here on transfers control to the SOS label.
$ PROGRAM = " NETINFO V2.0 "
$ LOG := WRITE SYS$OUTPUT F$TIME()+PROGRAM+
$ ON WARNING THEN GOTO SOS
$!
$! NETINFO VERSION 2.0 - AUGUST 1992
$!
$! BY: JOHN MCMAHON
$! TGV, INCORPORATED
$! PHONE: 800-848-3440
$! E-MAIL: MCMAHON@TGV.COM
$!
$! DCL VERSION BASED ON EARLIER WORKS BY JOHN MCMAHON
$! THAT WERE DEVELOPED UNDER CONTRACT TO THE ADVANCED
$! DATA FLOW TECHNOLOGY OFFICE (NASA GODDARD SPACE
$! FLIGHT CENTER) AND THE COSMIC BACKGROUND EXPLORER
$! SCIENCE DATA ROOM PROJECT (NASA GODDARD SPACE FLIGHT
$! CENTER)
$!
$! SUGGESTED BY A SAMPLE PROGRAM IN A DEC SEMINAR
$! ON "NETWORK SECURITY"
$!
$! INSTALLING THIS PROGRAM:
$!
$! 1) PERMANENT NETSERVERS SHOULD BE TURNED OFF BY
$! ISSUING THE COMMAND:
$!
$! DEFINE/SYSTEM/EXEC NETSERVER$TIMEOUT "0"
$!
$! IN THE SYSTEM STARTUP PROCEDURE.
$!
$! 2) THE GLOBAL SYMBOL NETSERVER$COMMAND SHOULD
$! BE DEFINED IN THE SYSTEM LOGIN PROCEDURE
$! AS:
$!
$! NETSERVER$COMMAND :== @DISK:[DIRECTORY]THIS-PROCEDURE
$!
$! 3) THE PROTECTION ON THE COMMAND PROCEDURE SHOULD BE:
$! (S:RE,O:RE,G:E,W:E)
$!
$! Review note on step 3: the mask grants no write or delete access to
$! anyone. Because step 2 makes network processes run this file, write
$! access to it would let the writer choose what those processes execute.
$! The containing directory needs the same care - TODO confirm locally.
$!
$! NOTE: THIS SOFTWARE IS PROVIDED AS-IS, THE AUTHOR AND HIS EMPLOYERS
$! ASSUME NO RESPONSIBILITY FOR THE USE, LOSSES FROM THE USE, OR RELIABILITY
$! OF THIS SOFTWARE.
$!
$ LOG "WRITTEN AUGUST 1992 BY JOHN MCMAHON"
$!
$! THIS ONLY WORKS FOR NETWORK PROCESSES
$!
$ IF F$MODE() .NES. "NETWORK"
$ THEN
$   LOG "EXITING - THIS IS NOT A NETWORK PROCESS"
$   EXIT
$ ENDIF
$!
$! USEFUL THINGS TO DO FIRST...
$!
$! (NOTE J)
$!
$ DEFINE FAL$LOG 1 ! FAL DEBUGGING LOGICAL THAT
$ ! REPORTS FILENAMES BEING ACCESSED
$!
$! SAVE THE NETSERVER FILES FROM RANDOM PURGING
$!
$! AN ALTERNATE TECHNIQUE WOULD BE TO RENAME FILES TO AN
$! ALTERNATE DIRECTORY
$!
$! (NOTE H)
$!
$! The mask below gives SYSTEM and OWNER read/write/execute but not delete,
$! and gives GROUP and WORLD no access, on every version of the log.
$! Review note: this presumably stops an accidental PURGE/DELETE only; an
$! owner who can change the protection can still remove the files, so the
$! logs should not be treated as tamper-proof evidence - confirm.
$!
$ IF F$SEARCH("SYS$LOGIN:NETSERVER.LOG") .NES. ""
$ THEN
$   SET PROTECTION=(S:RWE,O:RWE,G,W) SYS$LOGIN:NETSERVER.LOG.*
$ ENDIF
$!
$! NETSERVER.COM VERIFY SETTING
$!
$ NETSERVER$VERIFY :== 0 ! 0=OFF, 1=ON
$!
$! TABLE OF OBJECTS REGISTERED IN NCP
$!
$! THIS IS A SUBSET OF THE OBJECTS THAT DO NOT HAVE PROCESSES
$! ASSOCIATED WITH THEM (EXAMPLE: IGNORE REMACP AND SMISERVER)
$!
$! THIS INFORMATION WAS RETRIEVED USING THE NCP COMMAND
$! NCP> SHOW KNOWN OBJECTS
$!
$! Each symbol is OBJECTTABLE_<object number>; the value is the text shown
$! in the report. Several names can share one number (0 and 17 below), so
$! the value is a display label, not a single object name.
$!
$ OBJECTTABLE_0 = "MOM,NICONFIG,TASK"
$ OBJECTTABLE_17 = "FAL,SUBMIT/REMOTE" ! File Access
$ OBJECTTABLE_18 = "HLD"
$ OBJECTTABLE_19 = "NML" ! NCP Commands
$ OBJECTTABLE_25 = "MIRROR"
$ OBJECTTABLE_26 = "EVL"
$ OBJECTTABLE_27 = "MAIL" ! Electronic Mail
$ OBJECTTABLE_29 = "PHONE" ! Phone
$ OBJECTTABLE_51 = "VPM" ! Monitor
$ OBJECTTABLE_63 = "DTR"
$!
$! GET THE NCB OUT OF THE SYS$NET LOGICAL NAME
$!
$ NETINFO_NCB = F$TRNLNM("SYS$NET")
$!
$! (NOTE A)
$!
$! GET THE REMOTE NODENAME AND USERNAME
$!
$! NODENAME IS PRIOR TO THE FIRST COLON
$!
$! Review note: everything parsed out of NETINFO_NCB from here on describes
$! the remote end of the connection. Treat the node name, user name,
$! optional data and object name as untrusted input: they are suitable for
$! reporting, but not as proof of who is connecting.
$!
$ NETINFO_NODENAME = F$ELEMENT(0,":",NETINFO_NCB)
$!
$! (NOTE B)
$!
$! EXTRACT THE STRING BETWEEN THE "=" AND THE "/"
$! THIS IS THE USERNAME
$!
$ WORK_STRING = F$ELEMENT(1,"=",NETINFO_NCB)
$ NETINFO_USERNAME = F$ELEMENT(0,"/",WORK_STRING)
$!
$! (NOTE C)
$!
$! GET THE LOCAL LINK NUMBER, OPTIONAL INFO,
$! OBJECT FORMAT AND OBJECT NUMBER
$!
$! EXTRACT THE STRING AFTER THE "/"
$! THIS SIMPLIFIES LOCATING THINGS BECAUSE
$! WE AREN'T DEALING WITH A RANDOM LENGTH
$! USERNAME OR NODENAME
$!
$! BYTES 0-1 IS THE LINK NUMBER
$! BYTE 2 IS THE OPTIONAL INFO LENGTH
$! BYTES 3-18 IS THE OPTIONAL INFO
$! BYTE 19 IS THE OBJECT FORMAT
$! BYTE 20 IS THE OBJECT NUMBER
$!
$! Review note: F$ELEMENT(1,"/",...) returns only the text between the
$! first and second "/". If any binary byte in these fields has the value
$! of "/", WORK_STRING is cut short there and the later offsets read
$! missing data. Likewise an "=" or "/" inside the user name would shift
$! the split above. Nothing here checks the length of WORK_STRING before
$! the fixed offsets are used - confirm against the NCB layout.
$!
$ WORK_STRING = F$ELEMENT(1,"/",NETINFO_NCB)
$ NETINFO_LINK_NUMBER = F$CVUI(0,16,WORK_STRING)
$ NETINFO_OPTIONAL_INFO_LENGTH = F$CVUI(0,8, F$EXTRACT(2,1,WORK_STRING) )
$ NETINFO_OPTIONAL_INFO = F$EXTRACT(3,16,WORK_STRING)
$! (NOTE D)
$ NETINFO_OBJECT_FORMAT = F$CVUI(0,8, F$EXTRACT(19,1,WORK_STRING) )
$ NETINFO_OBJECT_NUMBER = F$CVUI(0,8, F$EXTRACT(20,1,WORK_STRING) )
$!
$! CONVERT THE OPTIONAL_INFO INTO HEX
$!
$! The loop always converts 16 bytes, two hex digits per byte; it does not
$! stop at NETINFO_OPTIONAL_INFO_LENGTH.
$!
$ NETINFO_OPTIONAL_INFO_HEX = ""
$ COUNT = 0
$ LOOP:
$ BYTE = F$EXTRACT(COUNT,1,NETINFO_OPTIONAL_INFO)
$! (NOTE G)
$ NETINFO_OPTIONAL_INFO_HEX = -
        NETINFO_OPTIONAL_INFO_HEX +-
        F$FAO( "!2XL",F$CVUI(0,8,BYTE) )
$ COUNT = COUNT + 1
$ IF COUNT .LT. 16 THEN GOTO LOOP
$ ENDLOOP:
$!
$! IF THE OBJECT FORMAT IS 1, THEN GET THE OBJECT NAME
$! LENGTH AND THE OBJECT NAME
$!
$! BYTE 21 IS THE OBJECT NAME LENGTH
$! BYTE 22 BEGINS THE OBJECT NAME
$!
$! Review note: the length byte is taken from the NCB as-is; it is not
$! compared with the number of bytes actually left in WORK_STRING.
$!
$ NETINFO_OBJECT_NAME_LENGTH = 0
$ NETINFO_OBJECT_NAME = ""
$ IF NETINFO_OBJECT_FORMAT .EQ. 1
$ THEN
$   NETINFO_OBJECT_NAME_LENGTH = F$CVUI(0,8, F$EXTRACT(21,1,WORK_STRING))
$! (NOTE E)
$   NETINFO_OBJECT_NAME = -
        F$EXTRACT(22,NETINFO_OBJECT_NAME_LENGTH,WORK_STRING)
$ ENDIF
$!
$! IF THE OBJECT NUMBER CAN BE MAPPED TO A KNOWN NAME,
$! THEN DO SO
$!
$! The object number is spliced into the symbol name OBJECTTABLE_<n>. F$TYPE
$! returns "STRING" only for the numbers defined in the table above, so
$! unknown numbers leave NETINFO_KNOWN_OBJECT_NAME empty.
$!
$ NETINFO_KNOWN_OBJECT_NAME = ""
$ IF F$TYPE(OBJECTTABLE_'NETINFO_OBJECT_NUMBER') .EQS. "STRING"
$ THEN
$   NETINFO_KNOWN_OBJECT_NAME = OBJECTTABLE_'NETINFO_OBJECT_NUMBER'
$ ENDIF
$!
$! WHAT'S MY LOCAL PID, USERNAME, PROCESS AND NODENAME ?
$!
$ NETINFO_PID = F$GETJPI(0,"PID")
$ NETINFO_LOCAL_USERNAME = F$GETJPI(0,"USERNAME")
$ NETINFO_LOCAL_PROCESSNAME = F$GETJPI(0,"PRCNAM")
$ NETINFO_LOCAL_NODENAME = F$GETSYI("NODENAME")
$!
$! FORMAT THE OPCOM MESSAGE SIMILAR TO THE SECURITY ALARM
$!
$! THE REQUEST VERB ONLY TAKES LINES UP TO (ABOUT) 255 CHARACTERS
$! SO WE SEND THE DATA AS TWO MESSAGES, APPROXIMATELY 200 BYTES
$! EACH.
$!
$! WALL_CLOCK is captured once so both messages carry the same event time.
$!
$ WALL_CLOCK = F$TIME()
$! (NOTE F)
$ NETINFO_OUTPUT = -
        F$FAO("!AS- NETWORK LOGIN REPORT!/EVENT TIME:!_!_!AS!/",PROGRAM,WALL_CLOCK)
$ NETINFO_OUTPUT = NETINFO_OUTPUT + -
        F$FAO("PID:!_!_!_!AS!_PROCESS NAME:!_!AS!/",-
        NETINFO_PID,NETINFO_LOCAL_PROCESSNAME)
$ NETINFO_OUTPUT = NETINFO_OUTPUT + -
        F$FAO("LOCAL USERNAME:!_!_!AS!/",NETINFO_LOCAL_USERNAME)
$ NETINFO_OUTPUT = NETINFO_OUTPUT + -
        F$FAO("LOCAL NODENAME:!_!_!AS!/",NETINFO_LOCAL_NODENAME)
$!
$! THE SECURITY ALARM INCLUDES THE REMOTE NODENUMBER.
$! THIS CANNOT BE RETRIEVED WITHOUT
$! SYSPRV (VIA AN INDEXED DCL READ INTO SYS$SYSTEM:NETNODE_REMOTE.DAT),
$! SO WE DON'T DO IT.
$!
$ NETINFO_OUTPUT = NETINFO_OUTPUT + -
        F$FAO("REMOTE NODENAME:!_!AS!/",NETINFO_NODENAME)
$ NETINFO_OUTPUT = NETINFO_OUTPUT + -
        F$FAO("REMOTE USERNAME:!_!AS!/",NETINFO_USERNAME)
$!
$! FEED THE FORMATTED TEXT TO REQUEST
$!
$! Review note: the message text is placed on the REQUEST command line by
$! symbol substitution inside a quoted string. NETINFO_NODENAME and
$! NETINFO_USERNAME (and NETINFO_OBJECT_NAME in the second message) come
$! from the remote end, so a double quote in any of them would presumably
$! end the quoted string early and truncate or change what the operators
$! see, or raise a warning that diverts to SOS. Consider removing quote and
$! control characters from those three values before formatting - confirm.
$! The length limit mentioned above is also not checked before sending;
$! only the length is logged.
$!
$ LOG "SENDING MESSAGE 1, LENGTH=",F$LENGTH(NETINFO_OUTPUT)
$ REQUEST/TO=(NETWORK,SECURITY) "''NETINFO_OUTPUT'" ! FIRST MESSAGE
$!
$! DO IT AGAIN WITH THE REST OF THE DATA
$!
$ NETINFO_OUTPUT2 = -
        F$FAO("!AS- NETWORK LOGIN REPORT (CONTINUED)!/EVENT TIME:!_!_!AS!/",-
        PROGRAM,WALL_CLOCK)
$ NETINFO_OUTPUT2 = NETINFO_OUTPUT2 + -
        F$FAO("PID:!_!_!_!AS!_PROCESS NAME:!_!AS!/",-
        NETINFO_PID,NETINFO_LOCAL_PROCESSNAME)
$ NETINFO_OUTPUT2 = NETINFO_OUTPUT2 + -
        F$FAO("LOCAL LINK NUMBER:!_!SL!/",NETINFO_LINK_NUMBER)
$ NETINFO_OUTPUT2 = NETINFO_OUTPUT2 + -
        F$FAO("OBJECT NUMBER:!_!_!SL",NETINFO_OBJECT_NUMBER)
$ IF NETINFO_KNOWN_OBJECT_NAME .NES. "" THEN -
        NETINFO_OUTPUT2 = NETINFO_OUTPUT2 + -
        F$FAO(" (!AS)",NETINFO_KNOWN_OBJECT_NAME)
$ NETINFO_OUTPUT2 = NETINFO_OUTPUT2 + F$FAO("!/")
$ IF NETINFO_OBJECT_NAME .NES. "" THEN -
        NETINFO_OUTPUT2 = NETINFO_OUTPUT2 + -
        F$FAO("OBJECT NAME:!_!_!AS!/",NETINFO_OBJECT_NAME)
$ LOG "SENDING MESSAGE 2, LENGTH=",F$LENGTH(NETINFO_OUTPUT2)
$ REQUEST/TO=(NETWORK,SECURITY) "''NETINFO_OUTPUT2'" ! SECOND MESSAGE
$!
$! DUMP ALL OF THE NETINFO SYMBOLS INTO NETSERVER.LOG
$!
$! This includes the raw NETINFO_NCB and NETINFO_OPTIONAL_INFO values, so
$! the log can contain unprintable bytes supplied by the remote end.
$!
$ LOG "DUMPING CURRENT NETINFO SYMBOLS"
$ SHOW SYMBOL NETINFO*
$!
$! ANY SPECIAL PROCESSING COULD GO HERE
$!
$! "CARTWRIGHT" IS USED AS AN EXAMPLE LOCAL USERNAME HERE.
$!
$! Review notes for anyone enabling the examples below:
$! - OBJECTTABLE_17 is "FAL,SUBMIT/REMOTE", so NETINFO_KNOWN_OBJECT_NAME is
$!   never exactly "FAL" and the first two tests would not match as
$!   written. Testing NETINFO_OBJECT_NUMBER .EQ. 17 avoids depending on
$!   the label text. A deny rule that never matches fails open.
$! - FAL and SUBMIT/REMOTE share object number 17 in the table, so the two
$!   examples cannot be told apart by object number alone.
$! - NETINFO_LOCAL_USERNAME comes straight from F$GETJPI; it may be
$!   returned blank-padded, in which case .EQS. "CARTWRIGHT" would fail.
$!   Compare a trimmed value - confirm on the target system.
$! - Test each rule with a real connection before relying on it.
$!
$! (NOTE K)
$!
$! EXAMPLE OF DISABLING FILE ACCESS FOR A PARTICULAR USER
$!
$! IF (NETINFO_LOCAL_USERNAME .EQS. "CARTWRIGHT") .AND. -
$! (NETINFO_KNOWN_OBJECT_NAME .EQS. "FAL")
$! THEN
$! WRITE SYS$OUTPUT "ACCESS TO FAL DENIED FOR USER CARTWRIGHT"
$! LOGOUT/FULL
$! ENDIF
$!
$! (NOTE M)
$!
$! EXAMPLE OF DISABLING SUBMIT/REMOTE ACCESS FOR A PARTICULAR USER
$!
$! IF (NETINFO_LOCAL_USERNAME .EQS. "CARTWRIGHT") .AND. -
$! (NETINFO_KNOWN_OBJECT_NAME .EQS. "FAL")
$! THEN
$! DEFINE SYS$BATCH "$NOT$A$REAL$BATCH$QUEUE$NAME$"
$! WRITE SYS$OUTPUT "ACCESS TO SUBMIT/REMOTE DENIED FOR USER CARTWRIGHT"
$! ENDIF
$! (NOTE N)
$!
$! EXAMPLE OF DISABLING OBJECT ZERO ACCESS FOR A PARTICULAR USER
$! ADDITIONAL CODE COULD BE ADDED TO TEST FOR "DIGITAL-RESERVED" OBJECTS
$! (EXAMPLE: $MOM) IF YOU STILL WANT THOSE OBJECTS TO WORK
$!
$! IF (NETINFO_LOCAL_USERNAME .EQS. "CARTWRIGHT") .AND. -
$! (NETINFO_OBJECT_NUMBER .EQ. 0)
$! THEN
$! WRITE SYS$OUTPUT "ACCESS TO OBJECT ZERO DENIED FOR USER CARTWRIGHT"
$! LOGOUT
$! ENDIF
$!
$ LOG "NORMAL EXIT"
$ EXIT
$ SOS:
$!
$! IF A WARNING (OR WORSE) OCCURS, WE BOUNCE TO HERE
$!
$! The failing status is saved first, reported to the operators, logged,
$! and then used as this procedure's exit status.
$! Review note: whether the inbound connection is still served after this
$! exit depends on the calling NETSERVER procedure, which is not shown
$! here. Confirm whether a parsing failure fails open or fails closed,
$! since malformed NCB data is enough to reach this label.
$!
$ SAVE_STATUS = $STATUS
$ REQUEST/TO=(NETWORK,SECURITY) -
        "''PROGRAM' - ABNORMAL EXIT, STATUS=''SAVE_STATUS'"
$ LOG "ABNORMAL EXIT, STATUS="+SAVE_STATUS
$ EXIT 'SAVE_STATUS