HP3000-L Archives

December 2009, Week 3

HP3000-L@RAVEN.UTC.EDU

Subject:
From: Jack Connor <[log in to unmask]>
Reply To: Jack Connor <[log in to unmask]>
Date: Fri, 18 Dec 2009 22:29:52 -0800

It should be fairly simple to capture the vars HPSTDIN_NETWORK_ADDR and HPSTREAMEDBY at log on to validate and either continue or :bye out of the system.
jack


-----Original Message-----
From: Chris Bartram [mailto:[log in to unmask]]
Sent: Saturday, December 19, 2009 1:05 AM
To: [log in to unmask]
Subject: Re: [HP3000-L] Force login to use a specific IP

HP-3000 Systems Discussion wrote:
> Is there a way to force a particular user id to use a specific IP
> address. In other words I want to give a machine a static IP and only
> allow this person to access the HP3000 from that PC with the static
> IP.

The following excerpt from system UDCs I use on my HP3000s might give you some ideas.

The "VALIDATEIPADDR" call in the UDC calls another command file that actually does a validation of the logging-on user based on data in a control file to determine if he/she is allowed to log onto the system from the specific host/ip address they are coming from.

The variables the UDC sets will work whether the logging on user is coming in via Telnet or NSVT (or hardwired or modem).

The TELLOPs also leave a nice log on the system console (and log file) of the login, including where they came from and what protocol was used to access the system.

-Chris Bartram


***
LOGON
OPTION LOGON,NOBREAK,NOHELP

setvar _network_node ''
if bound(hpstdin_network_node) then
  setvar _network_node '!hpstdin_network_node'
endif

setvar _na ''
setvar _at 'HARDWIRED'
if bound(hpstdin_network_addr) then
  setvar _na '!hpstdin_network_addr'
elseif bound(hpremipaddr) then
  setvar _na '!hpremipaddr'
endif

if bound(hplocport) then
  if !hplocport=23 then
    setvar _at 'TELNET'
  endif
endif
IF BOUND(HPSTDIN_ACCESS_TYPE) THEN
  SETVAR _AT "!HPSTDIN_ACCESS_TYPE"
ENDIF

IF BOUND(HPSTDIN_TRANSPORT_TYPE) THEN
  SETVAR _TP "!HPSTDIN_TRANSPORT_TYPE"
ELSE
  IF "!_AT"="TELNET" THEN
    SETVAR _TP "TCP/IP"
  ELSE
    SETVAR _TP "SERIAL"
  ENDIF
ENDIF

IF BOUND(HPVT_CLIENT_VENDOR) THEN
  SETVAR _VND " (!HPVT_CLIENT_VENDOR)"
ELSE
  SETVAR _VND " "
ENDIF

TELLOP LOGON VIA !_AT USING !_TP !_VND

setvar _node ups(ltrim(rtrim("!_network_node")))
setvar _addr ups(ltrim(rtrim("!_na")))
if '!_node'<>'' then
  tellop !_at, IP: "!_addr" Node: "!_node"
else
  tellop !_at, IP: "!_addr"
endif

setjcw cierror=0
continue
VALIDATEIPADDR
if !cierror<>0 then
  echo
  echo ************************************
  echo **  NODE/IP CONTROL FILE CORRUPT  **
  echo ************************************
  echo
  bye
endif

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
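
The thread does not show the VALIDATEIPADDR command file or its control file. The following is an added example, not Chris Bartram's code: it models in Python the kind of check he describes, using the same normalisation as the UDC (trim and upshift) and refusing the logon when the control file cannot be parsed, as the UDC does on a non-zero CIERROR. The control-file format, the function names, the sample entries and the rule that unlisted users are unrestricted are all assumptions.

```python
import ipaddress

class ControlFileError(Exception):
    """Control file is unusable; the caller must end the session (fail closed)."""

# Constructed sample. Assumed format: USER.ACCOUNT  addr-or-cidr[,addr-or-cidr...]
SAMPLE_CONTROL = """\
# user.account    allowed source addresses
CLERK.PAYROLL     192.0.2.15
MGR.PAYROLL       192.0.2.0/28,198.51.100.7
"""

def parse_control(text):
    """Return {USER.ACCOUNT: [ip_network, ...]}; raise on any malformed line."""
    rules = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        if len(parts) != 2:
            raise ControlFileError(f"line {lineno}: expected 2 fields")
        user, addrs = parts
        try:
            nets = [ipaddress.ip_network(a) for a in addrs.split(",")]
        except ValueError as exc:
            raise ControlFileError(f"line {lineno}: {exc}") from exc
        rules.setdefault(user.upper(), []).extend(nets)
    return rules

def logon_allowed(rules, user, addr):
    """Decide whether `user` may log on from `addr` (the captured _addr value)."""
    nets = rules.get(user.strip().upper())
    if nets is None:
        return True   # assumption: users not in the control file are unrestricted
    addr = addr.strip()
    if not addr:
        return False  # restricted user with no network address (e.g. HARDWIRED)
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False  # unparseable source address: deny
    return any(ip in net for net in nets)
```

A caller that catches ControlFileError should treat it like the corrupt-control-file branch of the UDC and terminate the session rather than let the logon continue.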
