NetPresenz v4.1
© 1992-97 Peter N Lewis
This program is $10 shareware.
NetPresenz was previously called "FTPd". This is the same program, albeit a new version. If you have a license to FTPd, that license is automatically a license to use NetPresenz (although there is an upgrade fee if you purchased FTPd/NetPresenz prior to Jan 1, 1996).
NetPresenz is dedicated to werner@rascal for his many years of devotion to the Macintosh Internet community. You have our thanks!
What Other People Have Said About NetPresenz
"The five-step configuration process is straightforward and easily customized. " - Matthew Hawn, MacWorld, May 1996.
"NetPresenz's $10 shareware fee is one of the best deals around." - Adam C Engst, TidBITS, Feb 1996.
"With all the other Internet server software going commercial, it's nice
to see a first rate alternative to commercial software for the Net." - MacWorld Online.
"rave reviews for FTPd" - Australian MacWorld, page 22, Jun 1993
4 Stars - MacWorld, May 1996.
1994 Derek Van Alstyne Rising Star Award - MacUser, Dec 1994
Cool Tools award from Apple - Sep 1994
USENET Macintosh Programmer Award - May 1995
Contents
NetPresenz is a Macintosh implementation of the WWW, Gopher and FTP server protocols.
It should be compatible with most FTP clients, and all WWW and Gopher clients.
Basically it allows your Mac to act as an FTP server so you (and others) can access
your files from anywhere around the world. Obviously there are some serious security considerations
you should look into before using this software (see the Security Considerations
section). NetPresenz requires System 7, MacTCP 1.1, and File Sharing enabled. It honours the Users & Groups privileges and passwords, and supports multiple logins,
anonymous FTP (user name "anonymous" or "ftp"), as well as MacBinary and BinHex transfers,
and the "MACB" FTP command. You can run NetPresenz as a foreground application (displaying the log), or as a background only application (use NetPresenz Setup to
toggle between the two).
Support WWW, Gopher and FTP connections.
Full CGI support.
Multiple simultaneous users.
Honours System 7 Users & Groups (in fact depends on them!).
Server Side Includes (SSI), counters and include files, file modification date and
so forth.
CGI authentication.
Missing files support.
Supports BinHex and MacBinary transfers.
Supports the MACB command.
Supports Alias resolution for directories and files.
Allows login to other AppleShare servers on the local network.
Allows different formats of a file to be fetched.
Pattern matching in change directory command.
Individual initial directory and commands for any user.
FTP site descriptions sent after login.
Directory descriptions sent after CD command.
Supports the CatSearch feature to allow very fast searches.
Remote site access restrictions.
ISO international character translation.
Allows setting of the owner, group and access permissions.
Allows users to change passwords on all logged in servers.
Supports Scrambled & Two-way passwords.
Supports process control (launching, listing or quitting applications).
Runs in the foreground or the background.
NOTE
: If you have problems logging in, check the Summary window and see if it gives you
any clues.
NOTE
: Some preferences are set with the Internet Config application (these are shared
between many different Internet applications, so you only have to set them once and
then all supporting applications will use them). Make sure you run Internet Config
at least once and set your personal preferences. If you don't save your preferences in
Internet Config, NetPresenz will not have any way to map extensions to types and
creators and MIME file types, so files transferred using WWW or FTP may not appear
correctly.
Before you can run NetPresenz, you must be running System 7, with File Sharing turned
on, and you must set up File Sharing to give appropriate privileges to users and
guests (including enabling guest logins if you want to allow anonymous logins).
For a user or guest to log in, at least one shared folder must be accessible to them.
Then you need to run NetPresenz Setup. Click on each icon in turn and set the configuration
as you want it. For FTP access, you must set the access levels in the FTP Setup
window. For Gopher, you must enable Gopher access and specify the root directory
in the Gopher Setup window. For WWW, you must enable WWW access and specify the root
directory in the WWW Setup window. Also enable CGI scripts if you plan to use them.
Other than that, the defaults will do.
By default, NetPresenz will run in the foreground displaying a simple log. If you
wish it to run in the background, choose Background Mode from the File menu in NetPresenz
Setup, optionally select the copy of NetPresenz to modify, and then click the Background Only checkbox followed by the Set button.
There are three types of FTP users:
Owner - The Macintosh owner (as defined by the Users & Groups owner name).
User - Anybody with a user name and password set up in the Users & Groups settings.
Guest - Anonymous logins (username of "ftp" or "anonymous", any password).
and there are four privileges:
None - No access.
Read Only - Access to read existing files, but no write access.
Upload - Access to read existing files, and add things to the file system, but not
change what is already there (including not overwriting existing files).
Full - Full access to the file system, read/write files, delete files and (empty)
directories, rename files.
You might also want to set up initial directories in the FTP Users window for some
users. Initial directories the first listing a User will see when they connect,
it is not an access restriction. Probably a default for all users will be sufficient,
but you can set up each user with their own directory if you want. The easiest way to
configure the default directory is to use the Choose button. The path it produces,
or the path you type in to NetPresenz Setup is the directory path as seen by the
user. So if you have a shared folder /harddisk/sharedfolder, and the user can only see the
sharedfolder, not the harddisk, then the path should be "/sharedfolder". The owner
can usually see the entire volume so you would set the owner path to "/harddisk/sharedfolder".
NOTE
: You should probably not set a default directory for the Guest/Anonymous user because
some silly clients (particularly clients where FTP is not their main concern, like
Netscape and the CompuServe FTP client) don't deal well with anonymous directories
that don't default to the root.
WARNING
: This does not add any security to your site, it simply sets their initial directory,
it does not constrain them to that directory. File Sharing is the place to enforce
real security. All NetPresenz access by the users goes through File Sharing in the
same way it would if you logged on from another Mac using the Chooser. Ensure that
this is secure and NetPresenz will be secure.
When you have finished setting up the privileges, you can create or edit the files
in the "Startup Messages" folder (which may reside either in NetPresenz's folder
or in the "NetPresenz Preferences " folder in the Preferences folder). The files
in the Startup Messages folder will be returned when the user with that name logs in. So for
example the "Peter Startup" file will be returned to the user named "Peter" when
he logs in, and the "Anonymous Startup" file will be returned when a user logs in
as either "ftp" or "anonymous". If a file doesn't exist for the user, the file "Default Startup"
will be used instead if it exists. Also, you can put a file "!Folder Info" in any
folder and it will be displayed to the user when they change into that directory.
The files should be text-only and will be converted to ISO 8859-1 before being sent.
Note that some clients may not display this information.
NOTE
: At most 5k is returned at one time, so restrict your files to reasonable sizes.
If you want to have the file listing of your site available (or any other large
file), put the listing into a file, and then refer to that file in your Startup or
!Folder Info files.
The WWW and Gopher servers uses the Guest access of AppleShare to define the visible
files and folders. Both require you to specify the root directory, which is the
directory the user will see when connected to your site without specifying a particular
path (eg http://yourmac.yoursite.com/). If you have a shared folder named "sharedfolder"
and a folder named "Pub", both of which are visible to guests, then type "/sharedfolder/Pub"
into the Root Directory field or use the Choose button and select the appropriate starting directory.
The WWW server does not return directory listings. When asked for a directory, it
returns the file "index.html" in that directory. So in the above example, when a
user asks for http://yourmac.yoursite.com/, NetPresenz will return the file "Harddisk:sharedfolder:Pub:Index.html". Alternatively, if you enable CGI scripts, you can use a
CGI script to return a directory listing (or any other information) since NetPresenz
will look for various other files like "index.acgi" or "index.cgi" if it can not
find an "index.html" file. An example script that returns the directory listing is include
in the CGI Examples folder.
With Gopher you can use the Gopher Listing menu item to change the names of files,
and to add links to other gopher servers. NetPresenz Setup will let you edit them
to change the names, or remove some of the links. You can also add an index entry,
which will let the user find files by specifying part of the name.
If you are running NetPresenz on a server or other dedicated Mac, you may prefer to
run it in the foreground, instead of as a background only application. It will get
a little more processing time, and be able to display the log file in real time.
The FTP Setup window allows you to restrict the maximum number of users connected
at any one time. Generally speaking this can be left as a large number (999). The
more users you expect, the more memory you should allocate. In our testing we used
the default partition of 750K to service over 12 simultaneous users without any problems.
The FTP port lets you server FTP from a different port. If you enable Simple Internet
Version Control NetPresenz will inform you when a new version of NetPresenz is released.
Decode Stored BinHex files causes NetPresenz to automatically decode incoming BinHex
.hqx) files. By default you should leave this enabled since NetPresenz automatically
encodes files as either BinHex or MacBinary at the FTP clients request (and BinHex
files are considerably larger than MacBinary files). The only situation you may need
to use this flag is when you are uploading files to be served from a web server (a
job which is really better suited to an FTP server).
Note
: NetPresenz will automatically decode incoming MacBinary (.bin) files. There is
no option to enable or disable this feature.
Add .hqx initially enabled presents all files with a resource fork as file.hqx in
any listings. When the client requests the file the file will be BinHexed on the
fly by NetPresenz. This flag should be switched off by default.
Honour Invisibles means NetPresenz will not list invisible folders (like the Desktop
Folder) in file listings.
Adding users under AppleShare can be laborious, so we have added scripting support
to NetPresenz Setup. NetPresenz Setup is now Apple scriptable with the commands
deleteuser, setuser, getuser and listusers.
By example:
tell application "NetPresenz Setup" deleteuser "user1" setuser "user1" directory "dir1" setuser "user2" directory "dir2" command "smnt volume:server@zone:username:password" getuser "user3" listusers
end tell
First, make sure that your AppleShare privileges are set up correctly. Tom Daley
reported to me that he had someone try to access his machine within three minutes
of first launching NetPresenz! So don't think you'll be safe if you're quick!
To use NetPresenz, simply put an alias to it in the Startup Items Folder and launch
it. After that it will run either in the foreground showing the log window, or as
a faceless background only application accepting connections. You can then use any
FTP client (like Anarchie or Fetch on Macs, or the standard Un*x ftp program), any Gopher
client (like TurboGopher), or any Web browser (like MacWeb or Netscape) to access
your Mac. For information on how to use them, see their respective documentation.
If you are also running NCSA/Telnet, make sure to disable its FTP server or people
will (randomly) get either its server or NetPresenz. You can Quit NetPresenz by
launching NetPresenz Setup and holding the option key down while you quit it, or
by using ProcessWatcher or AppleScript "tell application "NetPresenz" to quit".
A log file named "NetPresenz Log" is kept in the Preferences folder that records who
logged in or out and when, as well as what files they put or get.
You can reference your macintosh by looking up its IP number in your MacTCP or TCP/IP
control panel. (It also comes up in the log file when NetPresenz starts up.) Your
IP address is a dotted quad of 4 numbers, like 130.95.156.3 or 1.2.3.4. Then you
can use the URL:
http://1.2.3.4/ for WWW
or
ftp://1.2.3.4/ for FTP
...where 1.2.3.4 is your IP number. If you want to reference your machine by name
(like http://www.mymac.net/) then you need to have an entry put in your DNS by your
ISP (Internet Service Provider) or Network Admin.
DNS stands for Domain Name Server. The way machines actually find each other is by
IP number (a doted quad of numbers like 130.95.156.3)- but what we usually type is
a name like earwax.pd.uwa.edu.au or stairways.com.au. Your DNS looks up what IP
number is associated with the name of the machine.
There is, however, an additional complication if you are connecting using a modem
you are probably using PPP (Point to Point Protocol) and PPP links often (usually)
don't give you a static IP number- it varies every time you connect. Thus any links
to your page become invalid the moment you disconnect and reconnect. You can ask your ISP
whether it is possible to get a static IP number through them, and if so how much
it will cost.
As an extra feature, if a file "thefile" (for example) exists on the Mac, then you
can issue the following FTP commands to get different formats of that file:
get thefile - get the file in the current transfer mode.
get thefile.data - retrieves the data fork (in ASCII or binary).
get thefile.rsrc - get the resource fork of the file (binary mode only).
get thefile.info - get the info fork of the file (binary mode only)
(the info fork is the same format as the first 128 bytes of the MacBinary file).
get thefile.hqx - get the file after converting it to BinHex format.
get thefile.bin - get the file after converting it to MacBinary format.
(you can also use .mb, .macbin, .macbinary) (binary mode only).
Also, you can put BinHex or MacBinary files and they will be converted automatically:
put thefile.hqx - put the file after converting it from BinHex format.
put thefile.bin - put the file after converting it from MacBinary format.
(you can also use .mb, .macbin, .macbinary) (binary mode only).
Fetch and Anarchie will both transfer in MacBinary format, which means the file will
be exactly duplicated from one Mac to the other, so you can ignore all this.
NOTE
: All of these examples assume you're using the standard Un*x FTP client. If you're
using some other system consult its documentation for the equivalent commands. Also,
when using the Un*x ftp client watch out for usernames with spaces in them if you
type "user fred bloggs" it thinks the username is fred and the password is bloggs,
instead type "user "fred bloggs"".
The dir command also support various unix-like flags, including CspFl (for columnar
display, display size in k, display directories with a / on the end, and long display),
eg:
dir -CF
NetPresenz also supports the "MACB" command, which allows you to get the file in MacBinary
mode.
quote macb e - turns MacBinary transfer mode on.
quote macb d - turns MacBinary transfer mode off.
To enable access to another file server the appropriate users must have the "Remote
Mounting" enabled in FTP Setup. By default only the owner can mount volumes.
All privileges are contingent on having the appropriate privileges through AppleShare.
Thus if a particular user can't access a particular volume using AppleShare they
won't be able to through NetPresenz either (even if you give them Full access).
The same applies for other servers of course.
NetPresenz works fine with CAP servers and Netware Macintosh servers, but you'll have
to enable Clear Text passwords in the Security window. This is a slight security
flaw, but since the password gets to NetPresenz in plain text, it's not much worse
than normal.
If you normally want to have the users able to access a remote server right away then
the easiest way to do this is to add a SMNT command in the "Login Commands" of the
"Default" entry in FTP Users. Or you may want to tell the users about being able
to mount other servers by putting a note in a "!Folder Info" or Startup Message file.
For WWW and Gopher users, you can mount other servers by adding an SMNT command to
the Guests user in the FTP Users window.
You mount remote AppleShare volumes using the "SMNT" command like this:
quote smnt volume:server@zone:username:password
@zone defaults to @*, and the username and password default to your login username
and password (this is a slight security risk, but you shouldn't leave any FTP connection
unattended any more than you would leave a telnet connection unattended, so it should not be a problem). So to mount HardDisk on machine TheMac in your zone, using your
username and password, you can type:
quote smnt HardDisk:TheMac
To mount all disks on a Mac named "server" in your zone, just type:
quote smnt server
Note
: Site commands in the "Login Commands" section of the FTP Users window do not require
the quote prefix (quote tells the FTP client to pass the following text through without
interpretation, unnecessary in NetPresenz).
Note
: NetPresenz does not handle Server or Zone names with spaces in them.
Other commands include:
quote site u - display current usage stats (memory, connection, users, etc).
quote site v - display site statistics (number of logins, total transferred, etc).
quote site s - use short (8.3) names. Looks like a PC (yuck).
quote site l - use long (31 character) names. Default (much better).
quote site h [e or d] - enable/disable adding ".hqx" to the end of all files in directory
listings.
quote site q - quit the server (the user must be the owner).
quote site index <search> - list the files that contain <search> in their name.
Caveat: This doesn't work for AppleShare 2.0.* volumes. Also, it only uses long (31
character) names, irrespective of the short/long setting.
quote site p <password> - change your password. You must issue this three times in
succession without any intervening commands, the first one with your old password
as a parameter, and the next two with your new password. This will change your password
on all currently logged in servers.
quote site c p <rwxr-x---> <directory> - set the permissions for a directory.
quote site c o <owner> <directory> - set the owner of a directory (the owner name
cannot have any spaces in it - sorry).
quote site c g <group> <directory> - set the group of a directory (the group name
cannot have any spaces in it). You can use "none" as a group name to set it to no
group.
quote site a list - list running processes.
quote site a nlst - list names of running processes.
quote site a oapp crea - launch application with creator type "crea".
quote site a quit crea - quit application with creator type "crea".
Also, you can use pattern matching in the cd command. Eg:
cd "/HD/System Folder"
cd /HD/System?Folder/pref*
cd /HD/syst*
cd /HD/Sys*fol*
You can use "quote help" to find out some information on the other commands.
quote help
quote help pass
quote help site
quote help "site f"
The multiline response returned by the login command sequence, the cd command and
the help command may confuse some old FTP clients. This feature can be disabled
by inserting a dash "-" before either your username or password (which means you
will have to put an extra dash before any username or passwords which start with a dash, but that's
probably not a problem :-)
NetPresenz supports the HTTP protocol which the protocol behind wildly popular
World Wide Web. It has Server Side
Includes, a full CGI architecture, Java and missing files support.
To allow WWW access to your machine you need to enable WWW and configure the root
directory in NetPresenz Setup's WWW Setup window, as well as enabling Guest access
via AppleShare.
WWW types are determined from the Internet Config file mappings database, so make
sure you have configured that correctly.
Note
: Problems can occur when you do not have the default file mappings in your Internet
preferences. This can come about when an application other than Internet Config
creates the Internet preferences file and doesn't include all the default file mappings
or the Internet preferences file becomes corrupted.
If you have problems with your files showing up as plain text when they should be
HTML, or GIF files that don't display in your browser window, delete your Internet
Preferences, run Internet Config and re-enter your personal preferences.
Extensive examples of HTML, Server Side Includes and CGIs are given in the Example
folder. The following sections simply document NetPresenz's capabilities, see the
Example folder for working examples of these features.
Server Side Includes are a simple way to introduce dynamic content into your web pages.
SSIs are additional HTML tags (using the HTML comment format) which the server parses
as the pages is uploaded.
To use Server Side Includes you must name the file with a .shtml suffix. NetPresenz
always looks for the .shtml file first. If you refer to a web page called "truffles.html",
NetPresenz will first look for a document called "truffles.shtml", then it will look for document called "truffles.html".
Document Information
These tags apply to the document in which they are inserted.
<!--#echo var="document_name"--> Name of the current document.
<!--#echo var="document_uri"--> or <!--#echo var="script_name"--> Absolute path from
the WWW Root Directory of the current document.
<!--#echo var="last_modified"--> or <!--#fsize--> Displays the file size in bytes.
File Information
These tags are used to refer to other files.
<!--#include file="filename"--> Inserts the contents of the file "filename" into
the HTML document at this point.
<!--#fsize file="filename"--> Inserts the file size of the file "filename" in bytes.
<!--#flastmod file="filename"> Inserts the modification date.
Note
: Instead of using file="filename" you can use virtual="/fullpath/filename". The
file argument is relative to the referring document, the virtual argument is an absolute
path from the WWW Root Directory.
Counters
Counters are maintained internally by NetPresenz. Each counter is given a name.
Every time the counter is accessed using the #counter tag NetPresenz increments the
counter. Counters are maintained between quits.
<!--#counter var="counter_name"--> Displays and increments the counter.
<!--#echo var="counter_name"> Displays but doesn't increment the counter.
<!--#silent_counter var="counter_name"--> Increments but doesn't display counter.
Currently there is no way to zero a counter. Just use a different name.
Information About the Client
These tags insert information about the computer which is requesting the information.
<!--#echo var="query_string"--> The query string which was used to discover this
document. May be blank.
<!--#echo var="remote_host"--> or <!--#echo var="remote_addr"--> The client's IP
number.
Server Information
Information about the server and the server machine.
<!--#echo var="server_name"--> The server's DNS Name.
<!--#echo var="server_software"--> The server software's name and version number.
<!--#echo var="server_port"--> The port the server software is running off (usually
80).
<!--#echo var="date_local"--> The local time.
CGI scripts must be applications (so you must save AppleScripts as applets for example).
They also must have a file extension of ".cgi", ".acgi", or ".fcgi". With ".cgi"
scripts are executed synchronously (that is, NetPresenz stops processing all other
requests until the script responds). The other two forms are executed asynchronously
- NetPresenz asks the script for a response but continues processing other connections
while the script executes. In general you should use ".acgi" unless there is a good reason not to.
CGI scripts can do lots of cool things, check out the Showcase folder for some ideas.
There are lots of other CGI scripts available on the Internet, check out the util/comm/www
folder on the UMich archive for lots of interesting scripts.
Warning
: NetPresenz will not execute a CGI which is in a publically writable folder. Make
sure that Guests do not have Make Changes enabled in the Sharing... information of
the folder containing the CGI.
NetPresenz supports Java. Java examples are given in the Examples folder.
Note
: If you are having problems serving Java applets make sure you have the Java
file mappings
in your Internet Config File Mappings. The Java file mappings are in the default
file mappings in Internet Config 1.3. If your Internet Preferences were created
in an earlier version of Internet Config you may have to open Internet Config, click on
the File Mappings tile and select Defaults. This will update your File Mappings to
those present in Internet Config 1.3 (although you will lose any new file mappings
you have added).
NetPresenz has excellent missing file support. If a file is requested which is absent
NetPresenz searches backwards up the directory structure for a 'Missing.shtml|html|cgi|acgi|fcgi'
file. If the client looks for:
/dir1/dir2/dir3/nothere.html
NetPresenz looks for (in order):
/dir1/dir2/dir3/missing.shtml
/dir1/dir2/dir3/missing.html
/dir1/dir2/dir3/missing.cgi
[ etc ]
/dir1/dir2/missing.shtml
/dir1/dir2/missing.html
...and on on. Since CGIs are passed the original URL (with the full path) a clever
CGI could 'fake' the existence of the missing file, or at least respond intelligently
to the absence of the missing file.
NetPresenz also supports the Gopher protocol, mainly designed to simplify anonymous
FTP. You can get several Mac clients for Gopher, including TurboGopher, from the
usual FTP sites.
To allow Gopher access to your machine you need to enable Gopher and configure the
root directory in NetPresenz Setup's Gopher Setup window, as well as enabling Guest
access via AppleShare.
Gopher types are determined from the Mac file type (you can edit STR# 180 to add other
types).
You can also add links from your machine to other servers. Launch NetPresenz Setup,
choose Gopher Listing and select your gopher directory. You might also like to
add an index entry to the directory - users who connect to your gopher server can
use this to search for files by name.
"Be afraid. Be very afraid" - The Fly
Allowing NetPresenz to run on your Mac poses huge security questions. Some of the
same security questions are also posed by System 7 File Sharing. However with NetPresenz
they are much worse because you're making your Mac accessible to everyone on a world wide network. Things you definitely should do:
Disable guest logins unless you actually need them. You need guest logins enabled
for anonymous FTP, and Gopher or WWW access.
If you want a few people to have access, perhaps a better idea than guest login is
to give them a single account with a shared password. This is more secure than guest
logins, since no matter how many people they tell the password to, it will always
be less than the number of people who could log in as guests.
Disable remote mounting to guests or users. Again, most people don't need access
to volumes other than those directly on your Macintosh (That is the Entire Volume
and Shared Folder volumes). You Definitely Should Not allow access to other volumes
on the network if you do not control them, and you Definitely Should inform the administrators
of any other servers on the network that you will be allowing access to them so that
they can secure their servers as well.
Only share a small portion of your file system. That way you don't have to worry
about the rest of it. You, as the owner, can still get access to it by using the
Users & Groups control panel to turn on the "Allow user to see entire disk" checkbox
for your user.
Verify that the file sharing privileges are set correctly. A good start is to change
everything to owned by you and only visible/modifiable by you. Then change the privileges
on areas that you want to give users and guests access.
Keep your password secure! Anyone on the Internet with your username, machine address
and password will likely be able to delete every file on your harddisk. This is
a scary thought. You should be scared. Don't give your password out and don't use
an obvious password. Obvious passwords include, but are not limited to, any of the following
patterns (in decreasing obviousness)...
your user name.
your real name.
your initials.
your husband's/wife's/girlfriend's/boyfriend's/dog's/frog's/machine's etc name.
your car licence plate, make, model, etc.
your birthday.
your student/MediCare/social security/tax file/etc number.
any of the above backwards.
any word from a dictionary (especially an electronic dictionary).
Good passwords can be found by making up nonsense words or using
letters from a common saying and by including non-alphanumeric ASCII
characters.
Invalid login attempts are logged to a log file in the Preferences folder (assuming
logging is enabled). Check the log file regularly to improve your security.
If in doubt, don't run NetPresenz. I can't accept any liability for any problems.
I have done my best to make sure it is secure. If that is not good enough, don't
use it. It's as simple as that.
FTP can use a lot of bandwidth and so you should check with the system administrators
on your network before setting up an FTP site for anything more than personal use.
Also, since NetPresenz can make other servers on the entire AppleTalk Internet available
for FTP, you should ensure that the administrators of such machines (including anyone
who has File Sharing enabled on their Mac) are aware of this before you allow remote mounting.
I can't accept any responsibility if you use this software in an irresponsible manner
(in fact I won't accept any responsibility no matter how you use this software!).
As long as you disable remote mounting and don't try to become the next Info-Mac
archive, it shouldn't be much of a problem, but check with your network administrators anyway.
NetPresenz & NetPresenz Setup require System 7 with File Sharing turned on, MacTCP
1.1 or OpenTransport 1.1 (or later versions) and probably require the 128k ROM (or
later). NetPresenz should work fine with MacTCP 2.0.6 or Open Transport.
AutoDoubler users should exclude the folders that are shared with File Sharing. Also,
AutoDoubler causes uploads from the local machine to fail with an I/O Error - uploads
from other machines seem to work ok, and it's useless to upload from the same machine anyway, so this should not be a problem.
NetPresenz requires File Sharing or AppleShare which in turn requires AppleTalk.
If you are on a serial network (eg SLIP or PPP), then you may not have an AppleTalk
network and you may not want to waste a serial port just to turn AppleTalk on. You
can get around this by using a Dummy network device which will let you have File Sharing
on without any physical network connection.
If you use MacTCP you can use Dummy Adev:
<ftp://ftp.stairways.com//stairways/thirdparty/dummy adev.sit.bin>
or (especially if you have a Duo), try Single Talk:
</info-mac/comm/atlk/single-talk-11.hqx>
If you use Open Transport you can use the Remote Only extension which comes in the
Open Transport Extras directory of the Open Transport 1.1.1 installation.
This program is Shareware, which means if you use it, you must pay for it. A single
user license costs US$10. The upgrade is free if you purchased your copy of FTPd/NetPresenz
after January 1, 1996. Otherwise the upgrade is 50% of the normal price.
Note
: A single user license means you may run a single copy of NetPresenz with any number
of people connecting and using the server. If you wish to run more than 50 copies
of NetPresenz you should consider purchasing a Site License. (See the next section.)
You can pay in one of two ways: on-line registration using a web browser, or off-line
registration using the Register program.
Our online registration can be found at:
<
http://newts.kagi.com/cgi-bin/register1.cgi?PL>
Or, using the Register program, you need to...
1. Get hold of a copy of the Register program:
Register is distributed with Anarchie 2.0.1 and NetPresenz. You can also get Register
from:
<ftp://ftp.stairways.com/stairways/>
..or there are download links on the following Web page:
<http://www.stairways.com/register/topay.html>
2. Run the Register program and fill out the form:
You need to enter your name, email, postal address, and the shareware you wish to
pay for. The form accepts many different payment methods such as: US Check, Money
Order, Cash (in many different currencies), Visa, Mastercard, American Express, First
Virtual, and Invoice (to be given to your accounts payable department).
3. Send it to Kagi Shareware:
Then either email the data generated by the registration program or print it and send
it via postal mail or fax. Credit card information is encoded by the Register program.
The address to send the completed form is output by Register when you Print or Copy
the completed form. The addresses are:
Email: shareware@kagi.com
FAX: +1 510 652 6589
Snail-mail:
Kagi Shareware
1442-A Walnut Street #392-PL
Berkeley, California, 94709-1405
USA
You may distribute this program any way you wish as long as you don't charge for it
(reasonable download costs such as Compu$erve are ok (although who would call Compu$erve's
download costs reasonable?)). You must distribute the package in its entirety.
We don't guarantee any support, but we always answer my Email. If we don't answer
Email it is because your message didn't get to us, or our reply bounced, so please
try again and include a valid Internet address if you can.
You MAY NOT DISTRIBUTE this program on any disk or CD without our explicit permission.
Australians may pay in Australian dollars direct to us if they prefer.
World-wide license: US$2000
Universities or companies site license: US$500
Curtin University and the University of Western Australia are exempt.
A site license covers usage of NetPresenz on an unlimited number of machines within
100 miles of some arbitrary central point which are owned by the licensed organization.
(A site license will not be useful unless you intend to run more than 50 copies
of NetPresenz.)
World Wide licenses remove the 100 mile radius restriction.
If you purchase a site license, contact us for information on how to make this program
automatically set the "I Paid" flag in the FTP Setup dialog.
You can limit the machines that can access your site by restricting access to certain
IP ranges. Because this would be very messy to do in a sensible user interface,
the only way to set these restrictions is by using ResEdit. From ResEdit, create
a STR# resource (in either the NetPresenz Preferences file or NetPresenz (the former overrides
the latter), give it an id in the range of 600-699, and a name ending of:
"<username> Site Restriction" where <username> is the user you are restricting.
"Owner Site Restriction" to restrict the owner.
"User Site Restriction" to restrict any unspecified user.
"Anonymous Site Restriction" to restrict anonymous logins.
"Default Site Restriction" to restrict anyone not specified above.
NetPresenz checks them in that order (for gopher restrictions, it checks Anonymous
Site Restriction or Default Site Restriction). Each resource consists of a sequence
of pairs, IP number, IP mask, both in dotted decimal format (eg 134.7.70.70). The
remote IP is checked against the IP, with only the bits in the mask being relevant. If
it matches then the user is allowed access. If it matches, but the IP string started
with an exclamation mark then access is disallowed. The last match overrides previous
ones, and if there are no matches then access is denied.
By default, NetPresenz has a single "Default Site Restriction" STR# resource, which
contains 0.0.0.0, 0.0.0.0 so access is allowed from anywhere.
Here are some examples, first if you just wanted to restrict anonymous logins to inside
134.7, and everyone else has no restriction, then you create two STR# resources,
either in NetPresenz Preferences (which is checked first) or NetPresenz, like this:
"Anonymous Site Restriction": 134.7.0.0,255.255.0.0
You don't need to create the "Default Site Restriction", because it already exists
in NetPresenz, if you wish to override the default, either change it in NetPresenz
or add a "Default Site Restriction" to NetPresenz Preferences.
Ok, and a more complicated one, say you wanted anonymous access to everywhere inside
134.7 except 134.7.70.70, user access to everywhere inside 134.7 and 130.95, user
"Fred" and the owner access from everywhere, do this:
"Anonymous Site Restriction": 134.7.0.0,255.255.0.0, !134.7.70.70,255.255.255.255
"User Site Restriction": 134.7.0.0,255.255.0.0, 130.95.0.0,255.255.0.0
"Owner Site Restriction": 0.0.0.0,0.0.0.0
"Fred Site Restriction": 0.0.0.0,0.0.0.0
Note
: These restrictions apply only to the control connection, not the data transfer connections,
so it is still possible to use proxy-ftp to transfer files directly to a restricted
machine, but the user must be connected from an allowed site.
This program should do what I've described in this document. If it doesn't, you can
simply stop using it. If you pay me, and within a year find that it doesn't do what
I describe here, then you can notify me and I will refund your money and cancel your
license.
Peter Lewis and Stairways Software Pty Ltd hereby disclaims all warranties relating
to this software, whether express or implied, including without limitation any implied
warranties of merchantability or fitness for a particular purpose. Peter Lewis and
Stairways Software Pty Ltd will not be liable for any special, incidental, consequential,
indirect or similar damages due to loss of data or any other reason, even if Peter
Lewis, Stairways Software Pty Ltd, or an agent of his has been advised of the possibility of such damages. In no event shall Peter Lewis or Stairways Software Pty Ltd
be liable for any damages, regardless of the form of the claim. The person using
the software bears all risk as to the quality and performance of the software.
US Government
:
Government End Users: If you are acquiring the Software and fonts
on behalf of any unit or agency of the United States Government, the
following provisions apply. The Government agrees:
(i) if the Software and fonts are supplied to the Department of
Defense (DoD), the Software and fonts are classified as "Commercial
Computer Software" and the Government is acquiring only "restricted rights"
in the Software, its documentation and fonts as that term is defined in
Clause 252.227-7013(c)(1) of the DFARS; and
(ii) if the Software and fonts are supplied to any unit or agency
of the United States Government other than DoD, the Government's rights in
the Software, its documentation and fonts will be as defined in Clause
52.227-19(c)(2) of the FAR or, in the case of NASA, in Clause
18-52.227-86(d) of the NASA Supplement to the FAR.
Thanks to RobT for suggesting the idea, to Quinn for demanding the use of System 7
U&G, and to Jager for figuring out how! Thanks to Quinn (again :) for the amazing
icons and to Greg for colouring them in. And special thanks again to Jager and Quinn
for figuring out my async problems! And, of course, thanks to Stuart for delaying the
release of this program for ages by making LOTS of suggestions, finding LOTS of bugs,
and by writing Bolo! Thanks also to the UCC, Todd, Steve, c.s.m.p, archie.au, ftp.apple.com, Farhad, Tom, Andr'e, Aron, Ben, David, Gregory, Guy, Igor, Jim, John, Ken, Leonard,
Frederic, Pete, Peter, Richard (who won the award for the most mail messages (after
Quinn)), Rob, Russell, Thede, Tom, Zep, and anyone who uses NetPresenz!
I can't describe how important the beta testers have been in making NetPresenz what
it is, without them NetPresenz would not be a shadow of what it is now. So special
thanks go to all of you who made suggestions or pointed out problems. I tried to
list you all, but I gave up, there are just too many. Some of you made so many suggestions
I couldn't count them all. Some of you analysed the network packets to find out
what was happening and explained where I was going wrong. Some decompiled my code
and sent it back to me with corrections. Some made suggestions that involved tiny changes
with great benefits. Some made outrageous demands which I refused to do, and others
outrageous demands which I eventually did. All of these would have been missing
if I was working on my own. Thanks.
Thanks also to Mike Marburger for the closing sound.
NetPresenz listens for TCP connections on port 21. When a connection is achieved,
it waits for commands to be sent to it. Commands all have a simple form, there is
a 3 or 4 character command (eg, RETR for retrieve file), and some parameters (eg,
filename). NetPresenz interprets these commands, carries out their actions, and replies with
a one line message, the first three characters of which are a 3 digit reply that
can be interpreted by the FTP client, then the rest is human readable information.
The reply codes are 1yz for preliminary success (action started), 2yz for complete success
(action finished successfully), 3yz for intermediate success (requires another command
before any action is taken), 4yz for temporary failure (try again later), and 5yz
for permanent failure (give up and go home). For more information on the formats of
these commands see the various FTP related RFCs. Some commands may reply with a
multiline response, in which the first line begins with a three digit response code
followed by a dash "-" followed by several lines of text and terminated by a line with the
same response code and a space followed by some text. This confuses some servers,
you can disable this feature by starting your username or password with a dash "-".
NetPresenz also listens to port 70 for gopher connections. It then accepts a single
line specifying either a folder, file, or index, and returns the info for it. The
gopher server logs in as an AppleShare guest user, so guest access must be enabled
(it was either that, or NetPresenz would have to know a user password, which I wanted to
avoid). The root of the gopher tree is specified by the login directory for fake
user "Gopher" (it defaults to /). This root is enforced, so you can't have aliases
pointing to folders outside this area (well, you can, but it won't work very well). Aliases
to files outside the area work. You can reduce this restriction with the "GopherRoot"
user directory, but that will allow anyone knowledgeable in the gopher protocol to get at any file inside that root.
NetPresenz talks to the file system on the local Mac (and other servers) exclusively
by using the same protocols as if it were accessing an AppleShare server (the single
exception is the startup messages which are read via normal file system calls).
The user logs in by giving a user name and password. This in turn is passed to the System
7 server (or AppleShare server) and an attempt is made to log in to the server.
If the log in fails, an attempt is made to log in as a guest user. If either attempt
succeeds, the volume is made available to the user. If the user tries to log in as either
the owner or a user, they must successfully (non-anonymously) log in to at least
one local volume or the whole connection is disallowed. Since all file system access
is done through the AppleShare protocols, it should be virtually impossible to circumvent
their protections. You should set up your system in such a way that irrespective
of the privileges in NetPresenz Setup (which are not guaranteed in any way!) the
user cannot do too much damage. Thus users and guests should only have write privileges
to areas of your file system that you wish them to be able to trash.
[ Home | Subject Index |
Feedback ]