Go Back   FlashFXP Forums > > > >

ioFTPD General New releases, comments, questions regarding the latest version of ioFTPD.

Reply
 
Thread Tools Rating: Thread Rating: 5 votes, 4.40 average. Display Modes
Old 05-29-2011, 04:26 PM   #46
mr.babek
Member
FlashFXP Beta Tester
ioFTPD Foundation User
 
Join Date: Jul 2005
Posts: 82
Default

Hi Yil,
7.7.2 is VERY stable,I haven't had a single crash since installation. With older versions I had several crashes a week.

Thanks for further devoloping the BEST windows FTPD!
__________________
Current setup:

MS Windows Storage Server 2012R2, ioFTPD 7.7.3, ioNinja, nxTools
mr.babek is offline   Reply With Quote
Old 06-01-2011, 03:20 AM   #47
Ullman
Junior Member
FlashFXP Registered User
 
Join Date: Aug 2010
Posts: 7
Default

Hi and thanks for further developing this awsome ftpd software although I've stumbled upon some sort of strange problem. I've configured everything to my liking in the ioFTPD.ini file an example is to turn on Encryption login and data transfers using TLS and also check for ident.

The thing that has happened is, yesterday I could logon but when I boot it up today I can't, it says that my password is wrong even though I haven't changed it. When I check the Error.log it reports the following:
06-01-2011 09:48:55 Host '*@80.92.#.#' () did not match any of user 'tempuser' allowed ident responses.

Another thing is that it doesn't seem to really check for an ident even when I have the first Secure_Ip_1 checking for it.

In case you want to see it this is how it looks in my config:
Secure_Ip_1 = 1 1 2 G1M

/Ullman
Ullman is offline   Reply With Quote
Old 06-01-2011, 12:12 PM   #48
Yil
Too much time...
FlashFXP Beta Tester
ioFTPD Administrator
 
Join Date: May 2005
Posts: 1,194
Default

Ullman: I think you're confusing the options a bit. Secure_Ip only forces constraints on the SETTING of a user's hostmasks via 'site addip' and 'site [g]adduser'. You can use 'site uinfo <user>' to view the hostmasks for a user and my guess is you'll see something like "user@1.2.3.4". The line you are seeing in the error log indicates that the server did not receive a timely reply to the ident request so the default ident '*' was used (i.e. the *@80.92.#.#), but because an IP-only match was found it's giving you the ident mismatch error to help you understand what is going on. If you have the Show_HostMask_Error option enabled you'll also see this error returned instead of the generic bad password. Hmm, that really should be the default for that option these days...

The most obvious answer is you don't have a responder for ident requests running. Some FTP clients like FlashFXP and IRC clients like mIRC can do this. If you run both on your computer make sure they have the same reply else you'll never be sure which answer you might get.

If you think that's working fine, the next thing to check is to make sure you gave the server enough time to wait for a response. Check Ident_Timeout under [Network] and make sure you didn't set it to 1 or something which might be too fast. I think the default is 5. If you set this to 0 then the server won't issue ident requests at all and the server will completely ignore the ident portion of any hostmasks when validating them.
Yil is offline   Reply With Quote
Old 06-01-2011, 05:37 PM   #49
Ullman
Junior Member
FlashFXP Registered User
 
Join Date: Aug 2010
Posts: 7
Default

Thanks for the quick reply and yes I might have gone through the settings a bit fast (did the setup at midnight -_^ ) I noticed that I had a different ident response on my irc client so that might be it.

The Ident_Timeout is set to 5 but might change it to 10 if I keep getting an error. I also turned on the Show_HostMask_Error Thanks for clearing it up for me. I'll be back if I find anything else that might be strange

/Ullman
Ullman is offline   Reply With Quote
Old 06-05-2011, 12:29 PM   #50
Flow
Senior Member
FlashFXP Beta Tester
ioFTPD Foundation User
 
Flow's Avatar
 
Join Date: Dec 2001
Posts: 306
Default

Oh YEA ... a STABLE Release! - Thanks Yil!
Flow is offline   Reply With Quote
Old 06-06-2011, 05:46 PM   #51
Ullman
Junior Member
FlashFXP Registered User
 
Join Date: Aug 2010
Posts: 7
Default

Yil: I don't know if I missed something in the config but after I have added a new user with gadduser to a specified group and with an ident@12.34.*.* that user can't logon even if I wait a while. But when I restarted ioftpd.exe (by killing it through task manager and then start it again) they can connect.

/Ullman
Ullman is offline   Reply With Quote
Old 06-06-2011, 08:05 PM   #52
Yil
Too much time...
FlashFXP Beta Tester
ioFTPD Administrator
 
Join Date: May 2005
Posts: 1,194
Default

Ullman: When you say they can't login does it reject their password or can they not even get that far?

If you are using the 'Reject_Unknown_Ips' option that will immediately disconnect anyone whose IP or reversed hostname doesn't match the hostmask for at least one user. That makes for a more secure site, but does mean the server is picky about who can connect. I haven't used the feature in a while, but obviously there's a lot more chance for me to goof something up since the server has to track all hostmasks. For the record, it also interacts with the dynamic DNS hostmask feature (the : prefix) of user's hostmasks and the work-around is the Knock feature. I don't think restarting the server would make a difference, but if you are using a dynamic DNS hostname that could take a while for a newly updated name to timeout in DNS caches (including the local windows one) and thus waiting a while may make a difference.

If, however, this is a simple login failed rejection then check what the error log says was the reason along with the hostmask. I can't think of any reason gadduser would be different than adduser in this case since they use the same code.

Is the problem reproducible and does it happen to every user, just some users, and if some what do they have in common?
Yil is offline   Reply With Quote
Old 06-07-2011, 04:12 AM   #53
Flow
Senior Member
FlashFXP Beta Tester
ioFTPD Foundation User
 
Flow's Avatar
 
Join Date: Dec 2001
Posts: 306
Default

Ullman: could also be that if server is behind a router and port 113 is not portfarwarded to the server itself.
Flow is offline   Reply With Quote
Old 06-07-2011, 02:13 PM   #54
Ullman
Junior Member
FlashFXP Registered User
 
Join Date: Aug 2010
Posts: 7
Default

Flow: Unfortunately the server is not behind a router it's connected directly to the internet via the outlet in the wall that my ISP installed.

Yil: It might be reproducable, you could try and just add a new user, assign them to a group and have the ident@xxx.xxx.*.* (where x are numbers) and then try and connect to the server "right away" after the account has been created, I tried this "locally" (I have 5 public IPs via my ISP and the outlet is shared with a home-use gigabit switch from netgear). Every user that I add is forced to have the ident@xxx.xxx.*.* with only numbers no hostmasks or dynamic DNS names. I do use the Reject_Unknown_Ips but not the knock knock feature (even secure I think )

The error.log has this entry when it didn't work:

Host '*@99.25.#.#' (#.#.#.se.net) did not match any of user 'new_user' allowed ident responses.

The client was set up to send the correct ident for that user and send it through port 113.

If you want I could send you my ioFTPD.ini file so you'll have the same config

/Ullman
Ullman is offline   Reply With Quote
Old 06-07-2011, 03:24 PM   #55
Yil
Too much time...
FlashFXP Beta Tester
ioFTPD Administrator
 
Join Date: May 2005
Posts: 1,194
Default

Ullman: Actually the pure fact that you have an entry in the error log tells me it isn't a problem with the Reject_Unknown_Ips feature because they clearly connected! It also tells me that the problem is purely limited to the ident response. I feel like I just answered this on another thread, but can't find it, but look at the 'Ident_Timeout' setting and make sure it's at least 5 seconds or so. If you set it to 0 ident checking in hostmasks is disabled entirely and no requests for it will be made. You need at least 5 seconds, if not more, to reliably get ident responses returned so they can be used. I know some people set it smaller because it allows quicker logins for people who don't have an ident response setup on their end, but don't do that. Either disable the feature entirely or leave it at 5. Instead, you might choose to make the ident cache timeout much larger so reconnects in the future will use the cached value which usually solves the problem of the user trying again in a few minutes/seconds...
Yil is offline   Reply With Quote
Old 06-14-2011, 12:33 PM   #56
Flow
Senior Member
FlashFXP Beta Tester
ioFTPD Foundation User
 
Flow's Avatar
 
Join Date: Dec 2001
Posts: 306
Default

Yil, is thare a simple workaround, you know, if disk is full (nxTools related). Um ... like, spit out plenty of error indicate that disk is full, upload not allowed, contact sysop etc ...
Flow is offline   Reply With Quote
Old 06-16-2011, 08:43 AM   #57
mr.babek
Member
FlashFXP Beta Tester
ioFTPD Foundation User
 
Join Date: Jul 2005
Posts: 82
Default

would be a nice feature to build in a autodelete function to delete the oldest stuff when reaching a low watermark (like 20GB free on volume) and be able to specify the directories in which IOftpd is allowed to delete files to free up to a high watermark
__________________
Current setup:

MS Windows Storage Server 2012R2, ioFTPD 7.7.3, ioNinja, nxTools
mr.babek is offline   Reply With Quote
Old 06-16-2011, 03:52 PM   #58
Yil
Too much time...
FlashFXP Beta Tester
ioFTPD Administrator
 
Join Date: May 2005
Posts: 1,194
Default

mr.babek: I've thought long and hard about how to support auto-deletion, and agree that it's an important feature. However, I don't believe ioFTPD should do this internally. It's just way too complicated to get right for everyone so some support will be provided from the server, but the real decision making should be done by a script that gets called when the server needs more space. This would make it completely customizable. I've even mentioned how we could use the various +x bits of the directory access modes to indicate what can be allowed to be auto-deleted and what can't be. I'm willing to work with anyone who wants to write such a script, but my version probably won't get written until the site script I toy with from time to time gets released since the directory database it keeps is what I'll use to figure out the oldest dirs able to be deleted.
Yil is offline   Reply With Quote
Old 06-16-2011, 03:56 PM   #59
mr.babek
Member
FlashFXP Beta Tester
ioFTPD Foundation User
 
Join Date: Jul 2005
Posts: 82
Default

Well, it was worth the try =)
__________________
Current setup:

MS Windows Storage Server 2012R2, ioFTPD 7.7.3, ioNinja, nxTools
mr.babek is offline   Reply With Quote
Old 06-17-2011, 12:37 AM   #60
Yil
Too much time...
FlashFXP Beta Tester
ioFTPD Administrator
 
Join Date: May 2005
Posts: 1,194
Default

Future version update. I had this REALLY big and far ranging v8.0 code that I started working on back sometime after v7.5.0 came out. As I was working on the new stuff I kept finding serious issues and decided to pull out simple parts of what I was working on along with the bugfix and thus we got v7.6 and v7.7 that weren't planned...

Since v8 just proved to be too massive a change and things appear somewhat stable I think in a little bit I'll release a v7.8 that is essentially already done and contains a few more bug fixes, some simple tweaks, and a few new features. Pretty straightforward.

I'll follow that up with a v7.9 or v8.0 that includes the first phase of the new internal configuration changes and a bunch of new features that depend upon that. Then another one after that with the rest of the stuff from v8 that didn't make it.

The good news is most of this stuff is already written and just needs to be tweaked a bit and merged into the current branch. So development should go relatively quickly if I find time to work on it. And if the new stuff starts to break things the number of changes between versions don't be too large to track down any new problems.
Yil is offline   Reply With Quote
Reply

Tags
bug, code, directory, release, user


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 07:10 AM.

Parts of this site powered by vBulletin Mods & Addons from DragonByte Technologies Ltd. (Details)