Nm-cids and packet flow
Hi,
I have some questions regarding the ids module. A router is connected to the internet and is using the software firewall. There is also a NM-CIDS in the router.
1) What is the sequence when a packet arrives from the internet?
Is it internet -> firewall -> ids?
2) Does the command "ids-service module monitoring" imply that traffic is sent to the IDS inbound and outbound?
3) The event viewer in the IDM shows a lot of events. Does it mean that the firewall is not dropping the packets? Is the IDM the only place to monitor the events or can they be sent to a syslog server?
4) In case there is an event, what can the module do to block the attack since it is not in line?
Thank you,
Best regards,
Pascal
1) If there is no encryption then the packet is copied to the NM-CIDS after all router features (including firewall as well as NAT/PAT) have been done. I am about 90% sure on this. There is the possibility of a few features being done after the copy that I may not know about.
If NAT has been done then the packet itself will have the translated ips, however, the packet has an additional headers that tells the NM-CIDS wha the untranslated IPs are, and the analysis and alerting is done with the untranslated ips from the additional header.
When there is encryption involved, then incoming decryption is done with all other router features before copying to the NM-CIDS. But the outgoing encryption is the one feature done on the packet After it is copied to the NM-CIDS. This way the NM-CIDS always gets copies of unencrypted packets.
2) The command on an interface implies that all traffic coming in as well as traffic going out will be copied to the Nm-CIDS.
3) If IDM shows alerts, then I am pretty sure this means that they are making it through the firewall features (not being dropped) and making it to the other network.
I recommend using IEV for monitoring the alerts if you have a small number of sensors.
If you have a large number of sensors then I would recommend CS-MARS for monitoring.
IEV files:
http://www.cisco.com/cgi-bin/tablebuild.pl/ips-ev
NOTE: There is not a User Guide specifically for the latest version. To get a basic understanding look at the User Guide for the older version 4.x IEV:
http://www.cisco.com/en/US/docs/security/ips/4.0/configuration/guide/idm/swchap6.html
NOTE: Syslog is not supported for IPS events.
4) The NM-CIDS does support the Blocking feature. With the Blocking features the NM-CIDS is able to telnet back into the router and create an ACL. The ACL can then deny the IP Address of the attacker.
It can not deny the actual packet that triggered the signature, but the ACL can deny additional packets coming from that attacker/source address.
To read more on the Blocking feature:
http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a00807517a6.html
Similar Messages
-
Packet flow on ASA 8.3 changed ?
In Earlier version 8.2 we used to put permit statment on mapped interface however in OS starting 8.3 access-list entries should have real address .
Example
Lan Server/Real ( 192.168.1.2 )
Outside IP/Mapped ( 202.202.202.202 )
Configured NAT
ASA 0S 8.2 and earlier
access-list outside_in extended permit ip host 4.2.2.2 host 202.202.202.202
ASA OS 8.3 and later
access-list outside_in extended permit ip host 4.2.2.2 host 192.168.1.2
In earlier OS packet used to come on outside interface after which ACL was checked , if the ACL permits traffic packets flows further for NAT process
In newer OS packet is coming to outside interface after which NAT is taking place , once the NAT is done mapped ip is changed to real ip and ASA checks for ACL . Dont you think in newer OS CPU will be used much because every packet with 202.202.202.202 is doing NAT while I have blocked all ip and allowed only 4.2.2.2 to access it ?You are right, with the change to the new NAT-model, there was also the change in the ACL that you mention. One benefit of the new model is that you have less to reconfigure if you change your ISP (and you don't have PI-addresses).
The CPU didn't change that much on my ASAs after upgrading from 8.2 to 8.3 and higher.
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni -
Java Library to drop the incoming packet flow
hi there,
i m planning to make application layer filter. i need to drop the flow of incoming packets. So can anyone suggest me any java library which is able do this?
or else if i have to create my own library then how can i proceed in that?thnx oscar 4 ur reply...
actually i want to drop the incoming packets which r coming from restricted URL. means any how i want to restrict the user to see the particular webpage.
so if cant hav this low level API in java, then can u suggest me how to implement it in other way?..
i hav to make this project in JAVA only.
i have got one API named "libipq" (source: snort.org) which can drop the packet flow. But this API is for linux OS and i want to implement on windows... pls help -
Wireless packet flow explanation
Hi My requirement is very simple , I will appreciate if someone can explain me the following concept as per the diagram mentioned below
I have 2 APs AP1 and AP2, both connect to switch on port f0/1 and f0/2 , the switch f0/3 inturn connects to a router on f0/0 , router's interface f0/1 connects to another switch which is wired network with ip add 192.168.2.0/24 .
1. APs broadcast 3 ssid (management , guest , cisco) respectively , how would the data flow happen for user connected to SSID cisco when pings another user connected to SSID guest , and how would data flow happen when user in SSID cisco ping a user 192.168.1.100 some user is wired network.
you can assume both the APs are autonomous and there is no controller.
I am looking for explanation in terms of frame tagging and packet encapsulation and depacsulation at various stages.
you can assume the IP nd vlan number on wireless network as you like.
2.if you are not tired yet then one mroe question with same topology , but this time the APs are lightweight and the controller is in a different subnet 192.168.1.0 , assume that the AP is already registered with controller , now how would the same above communication happen ,
I am looking for explanation in terms of frame tagging and packet encapsulation and depacsulation at various stages.
you can assume the IP and vlan number on wireless network as you like.
If you can refer me some doc its fine with me , I already went through many documents and nuggets , I do have a clear picture.
Thank you1.
client to AP ===> 802.11 frame.
AP to client ===> 802.11 frame. At AP, received wired side ethernet frame removes the ethernet header with tag and encapsulates the IP packet using 802.11 header with right Bssid for that vlan.
AP ethernet to switch interface ===> Tag/UnTag Ethernet frame. At AP, received 802.11 frames removes the 802.11 mac header, the inner packet will be used to encapsulate using ethernet frame with Tag based on received Bssid.
ARP request - Broadcast packet sent by wireless client to AP as unicast. Once it decapsulates the 802.11 header, the inner IP packet hits the wire on that broadcast domain to reach upstream wired switch and wireless on same AP.
2.
AP to WLC ===> capwap/lwapp. 802.11 packets are encapsulated on L3 IP-UDP.
WLC to AP ===> capwap/lwapp.
All the client (802.11) packets are encapsulated in a LWAPP packet by the LAP and sent to the WLC. WLC descapsulates the LWAPP packet and acts based on the destination IP address in the 802.11 packet. If the destination is one of the wireless clients associated to the WLC, it encapsulates the packet again with the LWAPP and sends it to the LAP of the client, where it is decapsulated and sent to the wireless client. If the destination is on the wired side of the network, it removes the 802.11 header, adds the Ethernet header, and forwards the packet to the connected switch, from where it is sent to the wired client. When a packet comes from the wired side, WLC removes the Ethernet header, adds the 802.11 header, encapsulates it with LWAPP, and sends it to the LAP, where it is decapsulated, and the 802.11 packet is delivered to the wireless client
check:-
https://supportforums.cisco.com/message/3489064#3489064
https://supportforums.cisco.com/message/3717713#3717713 -
Need to Understand the Packet Flow
Dear Friend,
I need to understand the packet flow of the below diagram.
I have configured MPLS on R2,R3 and R4. And IBGP is configured on R2 and R4. Now I am able to reach from R1 to R5's Loopback address. I need to understand the packect flow from R1 to R5 like If I ping from R1's Loopback to R5's Loopback address then Source IP is 1.1.1.1 and destination IP is 5.5.5.5. What will be the packet structure at R2, R3,R4...??????????
Please explain in details......Me really confused as R4 has not route about 5.5.5.5 also 1.1.1.1...How it forwards the packets??????Sanjib
So R2 and R4 are PE devices and R3 is a P device ? And you are not doing MPLS VPNs, just normal MPLS ?
If so R4 must have a route to 5.5.5.5. Did you mean R3 does not have a route ?
With MPLS any P device only knows how to get to other P devices and PE devices. It does not know about any networks outside the MPLS network. The PE devices have routes to any external networks connected to them and know how to get to P and other PE devices.
Note that in terms of PE/P reachability the routing/LDP information has already been exchanged and an MPLS forwarding table built. So for reachability between PE/P routers (ie. not outside the MPLS network) route lookup do not need to be performed, it is simply a matter of removing and adding labels.
So assuming you are not using MPLS VPNs and that MPLS labels have been exchanged between all P and PE routers -
R1 pings 5.5.5.5
1) R1 does a route lookup for 5.5.5.5 and sends it to R2.
2) R2 is a PE device. It does a route lookup for 5.5.5.5 and sees R4 as the next hop (this route has been exchanged via MP-BGP).
3) R2 then need to send the packet to R4. To do this it looks in it's MPLS forwarding table to see how to get to R4. The MPLS forwarding table tells it which label to attach to the packet. It adds this label and sends the packet out of it's interface to R3.
3) R3 is a P device. It does not need to do a route lookup for 5.5.5.5. It simply looks at the incoming MPLS label and consults it's MPLS forwarding table. It will have an entry in it's table saying that an incoming packet with an MPLS label of x should be sent out with an MPLS label of y. It changes the label and sends it out to R4.
4) R4 receives the packet, removes the label, does an IP lookup for 5.5.5.5 and sends it to R5.
Note that actually R3 might not add a label as there is something called Penultimate Hop Popping where if the net hop from the P router is a PE router it sends the packet without a label to save extra processing on the PE router. If you had multiple P routers only the last P router before the PE router would do PHP.
The key thing to understand is that the P devices don't do route lookups when forwarding data. They simply switch labels. Whereas the PE devices do need to do route lookups for destinations outside the MPLS network.
Jon -
UCCX7 - Monitoring/Recording packet flow behavior
Hi,
I have single UCCX7 box which all services include monitoring/recording started and want to understand the packet flow behavior with CAD application.
1. Monitoring, Desktop capture mode
1) in CSD, select CAD and click "start Monitoring"
2) copy the RTP packets from agent IP Phone to CAD via IP Phone "SPAN port" feature
3) CAD sends the RTP packets to CSD and CSD able to hear the agent IP Phone conversation via CSD's sound card
->please advise whether the steps are correct!!
2. Monitoring, Server capture mode
1) how start the monitoring?
2) where the actual file stores? which directory in UCCX box?
(**I know UCCX's 2nd NIC which configured to VOIP monitor receiving RTP packets via switch's SPAN port but don't know how the monitoring start and where the file stored)
3. Recording, Desktop capture mode
1) click "start Recording" in CSD or CAD (CAD=add button from work flow user interface)
2) copy the RTP packets from agent IP Phone to CAD via IP Phone "SPAN port" feature
3) where the actual file stores? CAD box or CSD box?
(**I know CSD can retrieve the recorded file and have an option to save but don't know where the recorded file retrieved)
4. Recording, Server capture mode
1) how start the recording?
2) where the actual file stores? which directory in UCCX box?
Advise please!!Hi,
1. This is correct. CSD sends the startMonitoring message to CAD directly. CAD sends RTP packets to CSD directly and CSD plays them.
2. CSD sends startMonitoring to UCCX server. Since the agent phone is spanned to the UCCX server's VOIP Mon NIC, the server then traps the packets and sends them back to the CSD which plays them.
3. Recorded files are stored in TO and FROM .raw format in C:\Program Files\Cisco\Desktop_Audio on the UCCX server
4. Same as above.
The best thing to do, and how most of TAC troubleshoots is to use the CSD and CAD debugs set to TRACE and also Wireshark on the CAD, CSD and UCCX server all at the same time. -
Problem with context mapping and data flow in a FPM application
Hi All,
I am trying to develop an ESS application using FPM. For the same, the requirement is to see the history of an employee in the second view.
The first view has got just the overview information and the second one has got the detail. So, the records or the fields are the same on both the views.
As per the FPM guidelines, the Model is residing in the Fc component and the respective Vc components are using the model data accordingly.
I am executing the model in the Fc component calling the executable method in the interfaceController of the first view and then trying to display the output data of the BAPI in the first view which provides the overview information.This is working fine.
But when i am trying to map the same output node to the Table UI for the second view, the record size is coming zero and thus no information is available.
For the above issue, I am again executing the RFC in the InterfaceController of the second view to populate the records, which is incorrect as it is already executed and the data is available for the first view.
I request you to let me know the correct approach to Context mapping and data flow when using FPM-roadmap. Is their any standard method or approach available to deal with such requirements? Please let me know.
Thanks in advance.
Regards
DKHi Idhaya,
I model node is available in Fc and the Fc interface controller is being used in the first Vc and the second Vc.
So the idea is, as the executable method is generated in the Fc, so i have created a custom method to call the executable method in Fc, where the input parameter is getting passed and this custom method is finally getting called is the first Vc.
So , now my first Vc is ready to call the custom method in Fc and execute the RFC. Once the RFC is executed, the nodes in the Fc should get populated which is the ideal case.
And as the Fc is used as a component in the second Vc, the same node is available to the UI elements.
But, when I check the record size for the output node, it is always zero, for the second Vc.
Regards
DK -
How can we use TABLE CONTROL in BDC and WORK FLOW of ABAP.
how can we use TABLE CONTROL in BDC and WORK FLOW of ABAP.?
please explain the important questions.How to deal with table control / step loop in BDC
Steploop and table contol is inevitable in certain transactions. When we run BDC for such transactions, we will face the situation: how many visible lines of steploop/tablecontrol are on the screen? Although we can always find certain method to deal with it, such as function code 'NP', 'POPO', considering some extreme situation: there is only one line visible one the screen, our BDC program should display an error message. (See transaction 'ME21', we you resize your screen to let only one row visible, you can not enter mutiple lines on this screen even you use 'NP')
Now with the help of Poonam on sapfans.com developement forum, I find a method with which we can determine the number of visible lines on Transaction Screen from our Calling BDC program. Maybe it is useless to you, but I think it will give your some idea.
Demo ABAP code has two purposes:
1. how to determine number of visible lines and how to calculte page number;
(the 'calpage' routine has been modify to meet general purpose usage)
2. using field symbol in BDC program, please pay special attention to the difference in Static ASSIGN and Dynamic ASSIGN.
Now I begin to describe the step to implement my method:
(I use transaction 'ME21', screen 121 for sample,
the method using is Call Transation Using..)
Step1: go to screen painter to display the screen 121, then we can count the fixed line on this screen, there is 7 lines above the steploop and 2 lines below the steploop, so there are total 9 fixed lines on this screen. This means except these 9 lines, all the other line is for step loop. Then have a look at steploop itselp, one entry of it will occupy two lines.
(Be careful, for table control, the head and the bottom scroll bar will possess another two fixed lines, and there is a maximum number for table line)
Now we have : FixedLine = 9
LoopLine = 2(for table control, LoopLine is always equal to 1)
Step2: go to transaction itself(ME21) to see how it roll page, in ME21, the first line of new page is always occupied by the last line of last page, so it begin with index '02', but in some other case, fisrt line is empty and ready for input.
Now we have: FirstLine = 0
or FirstLine = 1 ( in our case, FirstLine is 1 because the first line of new page is fulfilled)
Step3: write a subroutine calcalculating number of pages
(here, the name of actual parameter is the same as formal parameter)
global data: FixedLine type i, " number of fixed line on a certain screen
LoopLine type i, " the number of lines occupied by one steploop item
FirstLine type i, " possbile value 0 or 1, 0 stand for the first line of new " scrolling screen is empty, otherwise is 1
Dataline type i, " number of items you will use in BDC, using DESCRIBE to get
pageno type i, " you need to scroll screen how many times.
line type i, " number of lines appears on the screen.
index(2) type N, " the screen index for certain item
begin type i, " from parameter of loop
end type i. " to parameter of loop
*in code sample, the DataTable-linindex stands for the table index number of this line
form calpage using FixedLine type i (see step 1)
LoopLine type i (see step 1)
FirstLine type i (see step 2)
DataLine type i ( this is the item number you will enter in transaction)
changing pageno type i (return the number of page, depends on run-time visible line in table control/ Step Loop)
changing line type i.(visible lines one the screen)
data: midd type i,
vline type i, "visible lines
if DataLine eq 0.
Message eXXX.
endif.
vline = ( sy-srows - FixedLine ) div LoopLine.
*for table control, you should compare vline with maximum line of
*table control, then take the small one that is min(vline, maximum)
*here only illustrate step loop
if FirstLine eq 0.
pageno = DataLine div vline.
if pageno eq 0.
pageno = pageno + 1.
endif.
elseif FirstLine eq 1.
pageno = ( DataLine - 1 ) div ( vline - 1 ) + 1.
midd = ( DataLine - 1 ) mod ( vline - 1).
if midd = 0 and DataLine gt 1.
pageno = pageno - 1.
endif.
endif.
line = vline.
endform.
Step4 write a subroutine to calculate the line index for each item.
form calindex using Line type i (visible lines on the screen)
FirstLine type i(see step 2)
LineIndex type i(item index)
changing Index type n. (index on the screen)
if FirstLine = 0.
index = LineIndex mod Line.
if index = '00'.
index = Line.
endif.
elseif FirstLine = 1.
index = LineIndex mod ( Line - 1 ).
if ( index between 1 and 0 ) and LineIndex gt 1.
index = index + Line - 1.
endif.
if Line = 2.
index = index + Line - 1.
endif.
endif.
endform.
Step5 write a subroutine to calculate the loop range.
form calrange using Line type i ( visible lines on the screen)
DataLine type i
FirstLine type i
loopindex like sy-index
changing begin type i
end type i.
If FirstLine = 0.
if loopindex = 1.
begin = 1.
if DataLine <= Line.
end = DataLine.
else.
end = Line.
endif.
elseif loopindex gt 1.
begin = Line * ( loopindex - 1 ) + 1.
end = Line * loopindex.
if end gt DataLine.
end = DataLine.
endif.
endif.
elseif FirstLine = 1.
if loopindex = 1.
begin = 1.
if DataLine <= Line.
end = DataLine.
else.
end = Line.
endif.
elseif loop index gt 1.
begin = ( Line - 1 ) * ( loopindex - 1 ) + 2.
end = ( Line - 1 ) * ( loopindex - 1 ) + Line.
if end gt DataLine.
end = DataLine.
endif.
endif.
endif.
endform.
Step6 using field sysbol in your BDC, for example: in ME21, but you should calculate each item will correponding to which index in steploop/Table Control
form creat_bdc.
field-symbols: <material>, <quan>, <indicator>.
data: name1(14) value 'EKPO-EMATN(XX)',
name2(14) value 'EKPO-MENGE(XX)',
name3(15) value 'RM06E-SELKZ(XX)'.
assign: name1 to <material>,
name2 to <quan>,
name3 to <indicator>.
do pageno times.
if sy-index gt 1
*insert scroll page ok_code"
endif.
perform calrange using Line DataLine FirstLine sy-index
changing begin end.
loop at DataTable from begin to end.
perform calindex using Line FirstLine DataTable-LineIndex changing Index.
name1+11(2) = Index.
name2+11(2) = Index.
name3+12(2) = Index.
perform bdcfield using <material> DataTable-matnr.
perform bdcfield using <quan> DataTable-menge.
perform bdcfield using <indicator> DataTable-indicator.
endloop.
enddo.
An example abap program of handling Table Control during bdc programming.
REPORT zmm_bdcp_purchaseorderkb02
NO STANDARD PAGE HEADING LINE-SIZE 255.
Declaring internal tables *
*-----Declaring line structure
DATA : BEGIN OF it_dummy OCCURS 0,
dummy(255) TYPE c,
END OF it_dummy.
*-----Internal table for line items
DATA : BEGIN OF it_idata OCCURS 0,
ematn(18), "Material Number.
menge(13), "Qyantity.
netpr(11), "Net Price.
werks(4), "Plant.
ebelp(5), "Item Number.
END OF it_idata.
*-----Deep structure for header data and line items
DATA : BEGIN OF it_me21 OCCURS 0,
lifnr(10), "Vendor A/c No.
bsart(4), "A/c Type.
bedat(8), "Date of creation of PO.
ekorg(4), "Purchasing Organisation.
ekgrp(3), "Purchasing Group.
x_data LIKE TABLE OF it_idata,
END OF it_me21.
DATA : x_idata LIKE LINE OF it_idata.
DATA : v_delimit VALUE ','.
DATA : v_indx(3) TYPE n.
DATA : v_fnam(30) TYPE c.
DATA : v_count TYPE n.
DATA : v_ne TYPE i.
DATA : v_ns TYPE i.
*include bdcrecx1.
INCLUDE zmm_incl_purchaseorderkb01.
Search help for file *
AT SELECTION-SCREEN ON VALUE-REQUEST FOR p_file.
CALL FUNCTION 'F4_FILENAME'
EXPORTING
program_name = syst-cprog
dynpro_number = syst-dynnr
IMPORTING
file_name = p_file.
START-OF-SELECTION.
To upload the data into line structure *
CALL FUNCTION 'WS_UPLOAD'
EXPORTING
filename = p_file
filetype = 'DAT'
TABLES
data_tab = it_dummy.
Processing the data from line structure to internal tables *
REFRESH:it_me21.
CLEAR :it_me21.
LOOP AT it_dummy.
IF it_dummy-dummy+0(01) = 'H'.
v_indx = v_indx + 1.
CLEAR it_idata.
REFRESH it_idata.
CLEAR it_me21-x_data.
REFRESH it_me21-x_data.
SHIFT it_dummy.
SPLIT it_dummy AT v_delimit INTO it_me21-lifnr
it_me21-bsart
it_me21-bedat
it_me21-ekorg
it_me21-ekgrp.
APPEND it_me21.
ELSEIF it_dummy-dummy+0(01) = 'L'.
SHIFT it_dummy.
SPLIT it_dummy AT v_delimit INTO it_idata-ematn
it_idata-menge
it_idata-netpr
it_idata-werks
it_idata-ebelp.
APPEND it_idata TO it_me21-x_data.
MODIFY it_me21 INDEX v_indx.
ENDIF.
ENDLOOP.
To open the group *
PERFORM open_group.
To populate the bdcdata table for header data *
LOOP AT it_me21.
v_count = v_count + 1.
REFRESH it_bdcdata.
PERFORM subr_bdc_table USING: 'X' 'SAPMM06E' '0100',
' ' 'BDC_CURSOR' 'EKKO-LIFNR',
' ' 'BDC_OKCODE' '/00',
' ' 'EKKO-LIFNR' it_me21-lifnr,
' ' 'RM06E-BSART' it_me21-bsart,
' ' 'RM06E-BEDAT' it_me21-bedat,
' ' 'EKKO-EKORG' it_me21-ekorg,
' ' 'EKKO-EKGRP' it_me21-ekgrp,
' ' 'RM06E-LPEIN' 'T'.
PERFORM subr_bdc_table USING: 'X' 'SAPMM06E' '0120',
' ' 'BDC_CURSOR' 'RM06E-EBELP',
' ' 'BDC_OKCODE' '/00'.
MOVE 1 TO v_indx.
*-----To populate the bdcdata table for line item data
LOOP AT it_me21-x_data INTO x_idata.
CONCATENATE 'EKPO-EMATN(' v_indx ')' INTO v_fnam.
PERFORM subr_bdc_table USING ' ' v_fnam x_idata-ematn.
CONCATENATE 'EKPO-MENGE(' v_indx ')' INTO v_fnam.
PERFORM subr_bdc_table USING ' ' v_fnam x_idata-menge.
CONCATENATE 'EKPO-NETPR(' v_indx ')' INTO v_fnam.
PERFORM subr_bdc_table USING ' ' v_fnam x_idata-netpr.
CONCATENATE 'EKPO-WERKS(' v_indx ')' INTO v_fnam.
PERFORM subr_bdc_table USING ' ' v_fnam x_idata-werks.
v_indx = v_indx + 1.
PERFORM subr_bdc_table USING: 'X' 'SAPMM06E' '0120',
' ' 'BDC_CURSOR' 'RM06E-EBELP',
' ' 'BDC_OKCODE' '/00'.
ENDLOOP.
PERFORM subr_bdc_table USING: 'X' 'SAPMM06E' '0120',
' ' 'BDC_CURSOR' 'RM06E-EBELP',
' ' 'BDC_OKCODE' '=BU'.
PERFORM bdc_transaction USING 'ME21'.
ENDLOOP.
PERFORM close_group.
End of selection event *
END-OF-SELECTION.
IF session NE 'X'.
*-----To display the successful records
WRITE :/10 text-001. "Sucess records
WRITE :/10 SY-ULINE(20).
SKIP.
IF it_sucess IS INITIAL.
WRITE :/ text-002.
ELSE.
WRITE :/ text-008, "Total number of Succesful records
35 v_ns.
SKIP.
WRITE:/ text-003, "Vendor Number
17 text-004, "Record number
30 text-005. "Message
ENDIF.
LOOP AT it_sucess.
WRITE:/4 it_sucess-lifnr,
17 it_sucess-tabix CENTERED,
30 it_sucess-sucess_rec.
ENDLOOP.
SKIP.
*-----To display the erroneous records
WRITE:/10 text-006. "Error Records
WRITE:/10 SY-ULINE(17).
SKIP.
IF it_error IS INITIAL.
WRITE:/ text-007. "No error records
ELSE.
WRITE:/ text-009, "Total number of erroneous records
35 v_ne.
SKIP.
WRITE:/ text-003, "Vendor Number
17 text-004, "Record number
30 text-005. "Message
ENDIF.
LOOP AT it_error.
WRITE:/4 it_error-lifnr,
17 it_error-tabix CENTERED,
30 it_error-error_rec.
ENDLOOP.
REFRESH it_sucess.
REFRESH it_error.
ENDIF.
CODE IN INCLUDE.
Include ZMM_INCL_PURCHASEORDERKB01
DATA: it_BDCDATA LIKE BDCDATA OCCURS 0 WITH HEADER LINE.
DATA: it_MESSTAB LIKE BDCMSGCOLL OCCURS 0 WITH HEADER LINE.
DATA: E_GROUP_OPENED.
*-----Internal table to store sucess records
DATA:BEGIN OF it_sucess OCCURS 0,
msgtyp(1) TYPE c,
lifnr LIKE ekko-lifnr,
tabix LIKE sy-tabix,
sucess_rec(125),
END OF it_sucess.
DATA: g_mess(125) type c.
*-----Internal table to store error records
DATA:BEGIN OF it_error OCCURS 0,
msgtyp(1) TYPE c,
lifnr LIKE ekko-lifnr,
tabix LIKE sy-tabix,
error_rec(125),
END OF it_error.
Selection screen
SELECTION-SCREEN BEGIN OF LINE.
PARAMETERS session RADIOBUTTON GROUP ctu. "create session
SELECTION-SCREEN COMMENT 3(20) text-s07 FOR FIELD session.
SELECTION-SCREEN POSITION 45.
PARAMETERS ctu RADIOBUTTON GROUP ctu. "call transaction
SELECTION-SCREEN COMMENT 48(20) text-s08 FOR FIELD ctu.
SELECTION-SCREEN END OF LINE.
SELECTION-SCREEN BEGIN OF LINE.
SELECTION-SCREEN COMMENT 3(20) text-s01 FOR FIELD group.
SELECTION-SCREEN POSITION 25.
PARAMETERS group(12). "group name of session
SELECTION-SCREEN COMMENT 48(20) text-s05 FOR FIELD ctumode.
SELECTION-SCREEN POSITION 70.
PARAMETERS ctumode LIKE ctu_params-dismode DEFAULT 'N'.
"A: show all dynpros
"E: show dynpro on error only
"N: do not display dynpro
SELECTION-SCREEN END OF LINE.
SELECTION-SCREEN BEGIN OF LINE.
SELECTION-SCREEN COMMENT 48(20) text-s06 FOR FIELD cupdate.
SELECTION-SCREEN POSITION 70.
PARAMETERS cupdate LIKE ctu_params-updmode DEFAULT 'L'.
SELECTION-SCREEN END OF LINE.
SELECTION-SCREEN BEGIN OF LINE.
SELECTION-SCREEN COMMENT 3(20) text-s03 FOR FIELD keep.
SELECTION-SCREEN POSITION 25.
PARAMETERS: keep AS CHECKBOX. "' ' = delete session if finished
"'X' = keep session if finished
SELECTION-SCREEN COMMENT 48(20) text-s09 FOR FIELD e_group.
SELECTION-SCREEN POSITION 70.
PARAMETERS e_group(12). "group name of error-session
SELECTION-SCREEN END OF LINE.
SELECTION-SCREEN BEGIN OF LINE.
SELECTION-SCREEN COMMENT 51(17) text-s03 FOR FIELD e_keep.
SELECTION-SCREEN POSITION 70.
PARAMETERS: e_keep AS CHECKBOX. "' ' = delete session if finished
"'X' = keep session if finished
SELECTION-SCREEN END OF LINE.
PARAMETERS:p_file LIKE rlgrap-filename.
at selection screen *
AT SELECTION-SCREEN.
group and user must be filled for create session
IF SESSION = 'X' AND
GROUP = SPACE. "OR USER = SPACE.
MESSAGE E613(MS).
ENDIF.
create batchinput session *
FORM OPEN_GROUP.
IF SESSION = 'X'.
SKIP.
WRITE: /(20) 'Create group'(I01), GROUP.
SKIP.
*----open batchinput group
CALL FUNCTION 'BDC_OPEN_GROUP'
EXPORTING
CLIENT = SY-MANDT
GROUP = GROUP
USER = sy-uname.
WRITE:/(30) 'BDC_OPEN_GROUP'(I02),
(12) 'returncode:'(I05),
SY-SUBRC.
ENDIF.
ENDFORM. "OPEN_GROUP
end batchinput session *
FORM CLOSE_GROUP.
IF SESSION = 'X'.
*------close batchinput group
CALL FUNCTION 'BDC_CLOSE_GROUP'.
WRITE: /(30) 'BDC_CLOSE_GROUP'(I04),
(12) 'returncode:'(I05),
SY-SUBRC.
ELSE.
IF E_GROUP_OPENED = 'X'.
CALL FUNCTION 'BDC_CLOSE_GROUP'.
WRITE: /.
WRITE: /(30) 'Fehlermappe wurde erzeugt'(I06).
ENDIF.
ENDIF.
ENDFORM. "CLOSE_GROUP
Start new transaction according to parameters *
FORM BDC_TRANSACTION USING TCODE TYPE ANY.
DATA: L_SUBRC LIKE SY-SUBRC.
*------batch input session
IF SESSION = 'X'.
CALL FUNCTION 'BDC_INSERT'
EXPORTING
TCODE = TCODE
TABLES
DYNPROTAB = it_BDCDATA.
WRITE: / 'BDC_INSERT'(I03),
TCODE,
'returncode:'(I05),
SY-SUBRC,
'RECORD:',
SY-INDEX.
ELSE.
REFRESH it_MESSTAB.
CALL TRANSACTION TCODE USING it_BDCDATA
MODE CTUMODE
UPDATE CUPDATE
MESSAGES INTO it_MESSTAB.
L_SUBRC = SY-SUBRC.
WRITE: / 'CALL_TRANSACTION',
TCODE,
'returncode:'(I05),
L_SUBRC,
'RECORD:',
SY-INDEX.
ENDIF.
Message handling for Call Transaction *
perform subr_mess_hand using g_mess.
*-----Erzeugen fehlermappe
IF L_SUBRC <> 0 AND E_GROUP <> SPACE.
IF E_GROUP_OPENED = ' '.
CALL FUNCTION 'BDC_OPEN_GROUP'
EXPORTING
CLIENT = SY-MANDT
GROUP = E_GROUP
USER = sy-uname
KEEP = E_KEEP.
E_GROUP_OPENED = 'X'.
ENDIF.
CALL FUNCTION 'BDC_INSERT'
EXPORTING
TCODE = TCODE
TABLES
DYNPROTAB = it_BDCDATA.
ENDIF.
REFRESH it_BDCDATA.
ENDFORM. "BDC_TRANSACTION
Form subr_bdc_table *
text
-->P_0220 text *
-->P_0221 text *
-->P_0222 text *
FORM subr_bdc_table USING VALUE(P_0220) TYPE ANY
VALUE(P_0221) TYPE ANY
VALUE(P_0222) TYPE ANY.
CLEAR it_bdcdata.
IF P_0220 = ' '.
CLEAR it_bdcdata.
it_bdcdata-fnam = P_0221.
it_bdcdata-fval = P_0222.
APPEND it_bdcdata.
ELSE.
it_bdcdata-dynbegin = P_0220.
it_bdcdata-program = P_0221.
it_bdcdata-dynpro = P_0222.
APPEND it_bdcdata.
ENDIF.
ENDFORM. " subr_bdc_table
Form subr_mess_hand *
text *
-->P_G_MESS text *
FORM subr_mess_hand USING P_G_MESS TYPE ANY.
LOOP AT IT_MESSTAB.
CALL FUNCTION 'FORMAT_MESSAGE'
EXPORTING
ID = it_messtab-msgid
LANG = it_messtab-msgspra
NO = it_messtab-msgnr
v1 = it_messtab-msgv1
v2 = it_messtab-msgv2
IMPORTING
MSG = P_G_MESS
EXCEPTIONS
OTHERS = 0.
CASE it_messtab-msgtyp.
when 'E'.
it_error-error_rec = P_G_MESS.
it_error-lifnr = it_me21-lifnr.
it_error-tabix = v_count.
APPEND IT_ERROR.
when 'S'.
it_sucess-sucess_rec = P_G_MESS.
it_sucess-lifnr = it_me21-lifnr.
it_sucess-tabix = v_count.
APPEND IT_SUCESS.
endcase.
ENDLOOP.
Describe table it_sucess lines v_ns.
Describe table it_error lines v_ne.
ENDFORM. " subr_mess_hand
Also refer
http://sap.ittoolbox.com/groups/technical-functional/sap-dev/bdc-table-control-668404
and
http://www.sap-img.com/abap/bdc-example-using-table-control-in-bdc.htm
Regards,
srinivas
<b>*reward for useful answers*</b> -
Datasource related to FI and Cash Flow
Hi ,can anyone please give me information on FI and Cash Flow management and it's datasource as well.
Regards
ArjunHi,
Check the presentation
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/a7f2f294-0501-0010-11bb-80e0d67c3e4a
Regards. -
Purchase and sales flow resulting from 'production in other plant'.
Dear all,
When using the procurement type 'P' (production in other plant), materials are consumed in plant A and goods receipts from production order happens in plant B.
When plants A and B belong to different company codes, SAP generates a cross-company document. Within the receiving company, the offsetting account for the stock account is the cross-company clearing account.
This posting is generally not sufficient as legal and tax requirements ask for a sales and purchasing flow between the 2 company codes. Therefore many companies need to 'develop a solution' to complete this posting 'after the facts'.
Does anybody know whether this additional posting exists under the form of an 'add-on' or additional solution to the standard made available by one or another partner of SAP ? Note that the starting point for this question is important : our company wants to use the 'production in other plant' flow because the native purchase and sales flows are too much time consuming.
Thanks for your help.
José BegheinHi all,
I want to be a bit more accurate here :
The produced material in plant B has a special procurement type code (MARC-SOBSL) which in its definition contains procurement type E (BESKZ) and special procurement P (ESOBS). It is special procurement P that triggers the 'production in other plant' behaviour. The production plant (WRK02) is also specified in the definition of the special procurement type code.
Kind regards.
José Beghein -
SSIS Control and Data Flow Items not available in Customize Toolbox
I cannot add additional Data Flow and Control Flow items to the SSIS Toolbox. I am using SQL Server 2014 and VS 2013 (BIDS). The standard SSIS items appear - but they are all of them. How do I add the additional ones that are not loaded by default. I didn't
have this issue with SQL Server 2012.
Thank you,
Johhn
JohnJohn, which ones you do not see? AFAIK nothing has changed regarding how the items get added to SSIS toolbox in SSDT or VS 2013 with SSDT installed (no BIDS in SSIS 2012 and up).
Arthur My Blog -
Ways of creating contract and process flow of contracts
hi friends
ways of creating contract and process flow of contracts
thanks for ur help
regards
krishnahi,
In the MM Purchasing component, a contract is a type of outline purchase agreement against which release orders (releases) can be issued for agreed materials or services as and when required during a certain overall time-frame.
Contracts can take the following forms:
Quantity contracts
Use this type of contract if the total quantity to be ordered during the validity period of the contract is known in advance. The contract is regarded as fulfilled when release orders totaling a given quantity have been issued.
Value contracts
Use this type of contract if the total value of all release orders issued against the contract is not to exceed a certain predefined value. The contract is regarded as fulfilled when release orders totaling a given value have been issued.
You can also set up corporate buying contracts with your vendors. These are valid for all plants and company codes within a client (see Centrally Agreed Contract).
You can create a contract as follows:
Manually
You enter all data relating to the contract manually.
Using the referencing technique
As reference document (the document you copy from), you can use:
Purchase requisitions
RFQs/quotations
Other contracts
CREATION OF CONTRACT MANUALLY:
Choose Outline agreement --> Contract --> Create(ME31K)
The initial screen appears.
Enter the necessary data. If you make any specifications under the group heading Default data, this data will appear as the default data in each item.
In the Agreement type field, specify whether you are creating a quantity or value contract, for example.
Press ENTER .
The header data screen appears.
Enter the contract validity period. Check the other fields on this screen and make any necessary changes (e.g. the terms of payment) and define the header conditions.
Press ENTER .
The item overview screen appears.
On this screen, enter the information for each item (material number, target quantity, price, receiving plant, or account assignment, etc.) using the same procedure as with purchase orders.
Material without a master record: leave the field for the material number empty and enter the following:
u2013 Short description of the relevant material or service in the Short text field
u2013 Material group to which the material belongs, in the Material group field
u2013 Account assignment category
You can enter u (unknown) or the category of an account assignment.
u2013 The target quantity and the order unit
If you specify an account assignment category other than U (field A), you must enter the relevant account assignment data for the item. To do so, choose Item ® Account assignments (see also Account Assignment).
If necessary, review the details for each item. Select the item(s) to review. Then select Item -> Details.
Enter the desired conditions.
Enter further text for the item if any additional instructions to the vendor or Goods Receiving are necessary. Choose Item -> Texts -> Text overview.
Save the contract.
Hope it helps..
Regards
Priyanka.P
AWARD IF HELPFULL
Edited by: Priyanka Paltanwale on Aug 25, 2008 7:20 AM -
How can i active my multimedia and packet data?
pls help of how to ative my multimedia and packet data, or wat the instractions i need to follow in order for me to active the multimedia model of the phone is 6070.hope u will help me in this .coz i want to share pics in my frnds and send a email to my love once in internet access..Message Edited by laarniangel on 26-Dec-2006
11:17 AMYou must first set up your phone configuration. Either by order setting (click here: https://nokiags.wdsglobal.com/standard?siteLanguageId=118 and follow the instruction) or use your default setting (already available on your phone)
-
Album View and Cover Flow View are not available in iTunes 7
Hi,
When I connect my iPod, in the iTunes 7, the options for Album view and Cover Flow View are disabled for the song list on my iPod. I only have a list view for them. However, at the same time, the songs on the library can be viewed in any of the three (3) views.
What might be the possible reason and is there any options to view your iPod songs in Cover Flow View in iTunes (while it is connected)?
Please solve this query of mine.It just simply not a feature. You might think about requesting it here:
http://www.apple.com/feedback/itunesapp.html -
Blurry/Scaled Down Artwork Column and Cover Flow are in 9.2
i have noticed on my iMac 27" that the album artwork is really blurry, and when i double click the art work at the left bottom and enlarge it, it looks fine. For some reason Apple scales down the pixel size of images and it looks really blurry. Before it was the standard 600x600 artwork that looked beautiful but not anymore..
This is an infuriating problem as I have taken a lot of time to embed high res art in my fles. The art still remains hi res in the bottom left, but in cover flow or the album artwork column it is a crappy looking blurry image.I noticed this also. And yes, it infuriates me too. I used to browse my music collection in Cover Flow on a 46" LCD. Not any more since iTunes 9.2. iTunes 9.2 comes with several new features and improvements, including this one: "Album Artwork improvements make artwork appear more quickly when exploring your library".
It turns out that the album artwork cache build by iTunes consists of scaled down copies with a size of 128x128!!! These scaled down copies are used in the album artwork column, grid view, and cover flow. Not much you can do about it except give feedback (http://www.apple.com/feedback/itunesapp.html). That's what I did.
Maybe you are looking for
-
Import conversion data table from SAP R/3 into value mapping table in XI
Hi: Somebody knows how to import a table with conversion data that are in SAP R/3 and to take it to a value mapping table in XI? The purpose is to use a mapping table that can change in the future. Must I use a ABAP programming that retrieve
-
My Adobe LiveCycle Designer ES closes when I open it....:(
Hello all, I want to thank you beforehand for the help regarding this matter. I use Windows Vista and my Adobe LiveCycle Designer was working before but for the last week and a half or so I have not been able to get it to work! I have done scandisk/d
-
Goods Issue total should not calculate based on Info price * Quantity
Hi, The total amount in Goods Issue taken from "Info Price * Quantity" which doesn't ties back to the value posted to Journal Entry. It should calculate according to the actual unit price instead of info price, the info price is meaningless in the Go
-
I purchased the software of aMember helping with setting up membership, login etc - no idea at all how to get anything with this working!? Anyone used it before? Regards,
-
Hello to all, I'm new to SAP world and would like to install SAP ECC 6.0 SR1 or SR2 on linux platform with Oracle as Database. I'm not sure how to search for software into the market place, what are the notes to refer. Would be great