I am trying to figure out how to determine the IP address of a user
that starts an exe file. I need to be able to distinguish between a
remote user that used telnet to start the application and a user that
logged into the host machine and started the program.
One suggestion was to put a script wrapper around the exe file and use
the lsof command to get the IP address.
Any suggestions? Thanks in advanced!
Sent via Deja.com http://www.deja.com/
Before you buy.
Barcio wrote:
I am trying to figure out how to determine the IP address of a user
that starts an exe file. I need to be able to distinguish between a
remote user that used telnet to start the application and a user that
logged into the host machine and started the program.One suggestion was to put a script wrapper around the exe file and use
the lsof command to get the IP address.Any suggestions? Thanks in advanced!
Sent via Deja.com > http://www.deja.com/
Before you buy.
I solve this problem one year ago and post it on quics, but here is
again…
Add this lines in /etc/profile
DADPID=$(printf $(sin -h -p $$ format f))
ARGLINE=$(printf “%s %s %s %s %s” $(sin -h -p $DADPID fds | grep “0 -”))
export LOCAL_IP=$(echo $ARGLINE | cut -f4 -d’ ’ | cut -f1-4 -d.)
export REMOTE_IP=$(echo $ARGLINE | cut -f5 -d’ ’ | cut -f1-4 -d.)
If you have qnx 4.25 patch D then you will have problem with printf cmds,
becauce in last
patch is new version witch display an error if some of parameters are
null.
I solve this either butt on the job, try with this and if you have problem
e-mail me.
Ernest Simunic
Process Electronics d.o.o.
Croatia
e-mail: esimunic@process-electronics.hr
This suggests that there must be a generic message
you can send based on your fds to the respective
I/O manager, which returns a string whose format
depends on the manager.
Ernest Simunic <esimunic@qnx.com> wrote:
Barcio wrote:
I am trying to figure out how to determine the IP address of a user
that starts an exe file. I need to be able to distinguish between a
remote user that used telnet to start the application and a user that
logged into the host machine and started the program.One suggestion was to put a script wrapper around the exe file and use
the lsof command to get the IP address.Any suggestions? Thanks in advanced!
Sent via Deja.com > http://www.deja.com/
Before you buy.I solve this problem one year ago and post it on quics, but here is
again…Add this lines in /etc/profile
DADPID=$(printf $(sin -h -p $$ format f))
ARGLINE=$(printf “%s %s %s %s %s” $(sin -h -p $DADPID fds | grep “0 -”))
export LOCAL_IP=$(echo $ARGLINE | cut -f4 -d’ ’ | cut -f1-4 -d.)
export REMOTE_IP=$(echo $ARGLINE | cut -f5 -d’ ’ | cut -f1-4 -d.)If you have qnx 4.25 patch D then you will have problem with printf cmds,
becauce in last
patch is new version witch display an error if some of parameters are
null.
I solve this either butt on the job, try with this and if you have problem
e-mail me.Ernest Simunic
Process Electronics d.o.o.
Croatia
e-mail: > esimunic@process-electronics.hr
–
Mitchell Schoenbrun --------- maschoen@pobox.com
Mitchell Schoenbrun <maschoen@tsoft.com> wrote:
This suggests that there must be a generic message
you can send based on your fds to the respective
I/O manager, which returns a string whose format
depends on the manager.
No, there isn’t a single general message. When you do a “sin fd”,
sin does a set of qnx_fd_query() calls, and for each of them it:
sends a socket query message, if that fails
it does a dev_fdinfo(), if that fails
it does an fsys_fdinfo() call
If they all fail, or it runs into vc problems, it returns “unknown”.
The socket query message looks like:
union
{
struct _socket_fdinfo s;
struct _socket_fdinfo_reply r;
} msg;
memset (&msg,0,sizeof(msg));
msg.s.type = _SOCK_FDINFO;
msg.s.pid = pid;
msg.s.fd = fd;
msg.r.info.sa_family = AF_INET; /* for backward compatible */
(Message type and structures for this defined in <sys/sock_msg.h>.)
To relate back to the original question…
Of course, the problem with getting this directly from a program
started after someone has logged in over telnet is that the program’s
fds (stdin/stdout/stderr) will not point back to the socket, but
will, instead, point to the pseudo-tty that is its controlling
terminal. So, you then have to make some guesses – the shell
scripting assumes that the parent of this shell is telnetd, which
will have a its fd 0 connected to the socket. (Usually a valid
assumption at the start of a login shell – do it in the .profile,
not in the .shrc/.kshrc files, or as in the example in /etc/profile
which is done on every shell startup. Of course, if you aren’t using
the standard sh/ksh, the startup files it looks for could be different.)
Another possible way of tracing back would be to look at which
pseudo-tty your process’ stdin/stdout is attached to, then look
for the process on the master side of that pty, and look at its
fds. This is trickier, but should work ok even if you aren’t the
direct child of the telnetd process.
-David
Ernest Simunic <> esimunic@qnx.com> > wrote:
Barcio wrote:I am trying to figure out how to determine the IP address of a user
that starts an exe file. I need to be able to distinguish between a
remote user that used telnet to start the application and a user that
logged into the host machine and started the program.One suggestion was to put a script wrapper around the exe file and use
the lsof command to get the IP address.Any suggestions? Thanks in advanced!
Sent via Deja.com > http://www.deja.com/
Before you buy.I solve this problem one year ago and post it on quics, but here is
again…Add this lines in /etc/profile
DADPID=$(printf $(sin -h -p $$ format f))
ARGLINE=$(printf “%s %s %s %s %s” $(sin -h -p $DADPID fds | grep “0 -”))
export LOCAL_IP=$(echo $ARGLINE | cut -f4 -d’ ’ | cut -f1-4 -d.)
export REMOTE_IP=$(echo $ARGLINE | cut -f5 -d’ ’ | cut -f1-4 -d.)If you have qnx 4.25 patch D then you will have problem with printf cmds,
becauce in last
patch is new version witch display an error if some of parameters are
null.
I solve this either butt on the job, try with this and if you have problem
e-mail me.Ernest Simunic
Process Electronics d.o.o.
Croatia
e-mail: > esimunic@process-electronics.hr
Mitchell Schoenbrun --------- > maschoen@pobox.com
Ok, how about “there’s a programatic procedure to get
this information.” 
.
Thanks for disclosing this David.
David Gibbs <dagibbs@qnx.com> wrote:
Mitchell Schoenbrun <> maschoen@tsoft.com> > wrote:
This suggests that there must be a generic message
you can send based on your fds to the respective
I/O manager, which returns a string whose format
depends on the manager.No, there isn’t a single general message. When you do a “sin fd”,
sin does a set of qnx_fd_query() calls, and for each of them it:
sends a socket query message, if that fails
it does a dev_fdinfo(), if that fails
it does an fsys_fdinfo() callIf they all fail, or it runs into vc problems, it returns “unknown”.
The socket query message looks like:
union
{
struct _socket_fdinfo s;
struct _socket_fdinfo_reply r;
} msg;memset (&msg,0,sizeof(msg));
msg.s.type = _SOCK_FDINFO;
msg.s.pid = pid;
msg.s.fd = fd;msg.r.info.sa_family = AF_INET; /* for backward compatible */
(Message type and structures for this defined in <sys/sock_msg.h>.)
To relate back to the original question…
Of course, the problem with getting this directly from a program
started after someone has logged in over telnet is that the program’s
fds (stdin/stdout/stderr) will not point back to the socket, but
will, instead, point to the pseudo-tty that is its controlling
terminal. So, you then have to make some guesses – the shell
scripting assumes that the parent of this shell is telnetd, which
will have a its fd 0 connected to the socket. (Usually a valid
assumption at the start of a login shell – do it in the .profile,
not in the .shrc/.kshrc files, or as in the example in /etc/profile
which is done on every shell startup. Of course, if you aren’t using
the standard sh/ksh, the startup files it looks for could be different.)Another possible way of tracing back would be to look at which
pseudo-tty your process’ stdin/stdout is attached to, then look
for the process on the master side of that pty, and look at its
fds. This is trickier, but should work ok even if you aren’t the
direct child of the telnetd process.-David
Ernest Simunic <> esimunic@qnx.com> > wrote:
Barcio wrote:I am trying to figure out how to determine the IP address of a user
that starts an exe file. I need to be able to distinguish between a
remote user that used telnet to start the application and a user that
logged into the host machine and started the program.One suggestion was to put a script wrapper around the exe file and use
the lsof command to get the IP address.Any suggestions? Thanks in advanced!
Sent via Deja.com > http://www.deja.com/
Before you buy.I solve this problem one year ago and post it on quics, but here is
again…Add this lines in /etc/profile
DADPID=$(printf $(sin -h -p $$ format f))
ARGLINE=$(printf “%s %s %s %s %s” $(sin -h -p $DADPID fds | grep “0 -”))
export LOCAL_IP=$(echo $ARGLINE | cut -f4 -d’ ’ | cut -f1-4 -d.)
export REMOTE_IP=$(echo $ARGLINE | cut -f5 -d’ ’ | cut -f1-4 -d.)If you have qnx 4.25 patch D then you will have problem with printf cmds,
becauce in last
patch is new version witch display an error if some of parameters are
null.
I solve this either butt on the job, try with this and if you have problem
e-mail me.Ernest Simunic
Process Electronics d.o.o.
Croatia
e-mail: > esimunic@process-electronics.hr
Mitchell Schoenbrun --------- > maschoen@pobox.com
–
Mitchell Schoenbrun --------- maschoen@pobox.com