PI80912 HTML

PI80912 Memo To Users

 
Memo to Users for APAR PI80912
 
Firewall Friendly FTP Client
 
With the PTF for APAR PI80912, the z/VM FTP client is updated to
improve interaction in configurations which require traversing
firewalls.  This support includes some design changes as well as
updates to default behavior.  The updates that have been made are as
follows:
 
  - A new FWFRIENDLY configuration statement has been added to the FTP
    DATA file.  When specified as TRUE, data connections will default
    to passive mode (EPSV/PASV).  When specified as FALSE, data
    connections will use active mode (PORT).  This statement only
    impacts IPv4 connections.  TRUE is the default.
  - New FWFRIENDLY and NOFWFRIENDLY options have been added to the
    LOCSITE subcommand to manipulate the active/passive setting once
    a connection has been established.  These options are preferred
    over using the PASSIVE subcommand.
  - The behavior of the PASSIVE subcommand has been altered slightly.
    Now, the first time the PASSIVE subcommand is issued, data
    connections will be placed into passive mode (regardless of the
    current setting).  Subsequent uses of the PASSIVE subcommand on the
    same connection will toggle the active/passive state.
  - The output from the LOCSTAT subcommand has been updated to display
    the current FWFRIENDLY and EPSV4 settings for IPv4 connections.
  - Logic has been changed such that when extended FTP commands are in
    use (IPv4 connections with EPSV4 TRUE or any IPv6 connections),
    the EPSV command will always be used, regardless of the active/passive
    state.
 
The following documentation changes will be made available on August 25th
and the details can be found in the z/VM V6R4 Library in IBM Knowledge
Center at
  https://www.ibm.com/support/knowledgecenter/SSB27U_6.4.0/
  com.ibm.zvm.v640/zvminfoc03.htm
 
Publication title: TCP/IP User's Guide
Chapter 2. Transferring Files Using FTP
 - Added documentation of the new FWFRIENDLY configuration statement in the
   FTP DATA file as follows:
 
     The FWFRIENDLY statement specifies whether the FTP client will initially
     use passive connections for data transfers.
 
     Note: Since IPv6 data connections are always passive, this statement only
           affects IPv4 connections
 
       ---FWFRIENDLY--TRUE----
       |                     |
   >>------------------------------><
       |                     |
       ---FWFRIENDLY---TRUE---
                     |       |
                     --FALSE--
   OPERANDS:
 
     TRUE
       Turns on passive data transfers, which means the FTP client will initiate
       data transfers. This is the default.
 
     FALSE
       Turns off passive data transfers, which means the FTP server will
       initiate data transfers.
 
 - The description of the EPSV4 operand of the LOCSITE command was updated
   to clarify the statement only applies to IPv4 connections
 - The description of the NOEPSV4 operand of the LOCSITE command was updated
   to clarify the statement only applies to IPv4 connections
 - A description of the new FWFRIENDLY operand of the LOCSITE command was
   added.  This operand only applies to IPv4 connections and will enable
   passive data transfers.
 - A descripton of the new NOFWFRIENDLY operand of the LOCSITE command was
   added.  This operand only applies to IPv4 connections and will disable
   passive data transfers.
 - The example output in the LOCSTAT command has been updated to show the
   settings for FWFRIENDLY and EPSV4.
 - A note is added to the description of the PASSIVE subcommand to indicate
   that the LOCSITE FWFRIENDLY/NOFWFRIENDLY subcommand is the preferred
   method for managing the data transfer mode.
 - A usage note is added to the description of the PASSIVE subcommand
   describing its updated behavior.  The initial data transfer setting
   is governed by the FWFRIENDLY setting.  The first issuance of the PASSIVE
   subcommand will enable passive data transfers.  Subsequent uses will
   toggle the active/passive data transfer setting.
 - A usage note is added to the description of the SENDPORT command to
   clarify that it is ignored when passive data transfer mode is
   enabled.
 - Clarifications were made to the SENDPORT documentation to remove references
   to the EPRT FTP command.
 
Publication title: TCP/IP Messages and Codes
Chapter 2. FTP Messages
 - The following message is added to the FTP Client Unumbered Messages section:
 
   FWFRIENDLY value value is not valid. Default value used
                    _____
 
   Explanation: The specified value used on the FWFRIENDLY FTP DATA config-
   uration file statement is not valid. The default value of TRUE is used.
   Valid values are TRUE and FALSE.
 
   System response: Program execution continues.
 
   User response: If necessary, terminate the FTP session and correct the
   FWFRIENDLY keyword value in the FTP DATA file.
 
   Module: FTBVMSUB PASCAL
 
   Severity: Informational.
 
   Procedure Name: ReadVMFtpData
 
Publication title: TCP/IP Diagnosis Guide
Chapter 9. FTP Traces
  - The FTP Connection section is updated to reflect the current operation of
    the FTP client and server.
  - The FTP Client Traces section is updated to provide a current version of
    a client trace with updated descriptions.