Go Back   FlashFXP Forums > > > >

ioFTPD General New releases, comments, questions regarding the latest version of ioFTPD.

Reply
 
Thread Tools Rate Thread Display Modes
Old 11-27-2004, 09:25 PM   #1
BeBoo
Junior Member
FlashFXP Registered User
 
Join Date: Nov 2004
Posts: 4
Default Ident lookup thingie

Hey guys

We're running a few ftp servers, and have some ident problems.

Some of our users are behind a firewall, which blocks for ident requests.
We could disable the ident lookups totally, but we have some other users, which we require to run identd.

Then i was thinking about a feature, which disabled ident lookups for users, which ident was *@ip

Thanks in advance, BeBoo
BeBoo is offline   Reply With Quote
Old 11-27-2004, 09:53 PM   #2
mr_F_2
Senior Member
 
Join Date: Jan 2004
Posts: 203
Default

what's wrong with

site addip <user> *@ip ???

if adding a user with a wildcard for an ident is your request you'll be happy to know it already does this
mr_F_2 is offline   Reply With Quote
Old 11-27-2004, 10:44 PM   #3
BeBoo
Junior Member
FlashFXP Registered User
 
Join Date: Nov 2004
Posts: 4
Thumbs down Uhm.. no

I've already done that, but it is still trying to lookup the ident on the machine.. and then fails the login, because the firewall blocks the connection..
BeBoo is offline   Reply With Quote
Old 11-27-2004, 10:58 PM   #4
wooolF[RM]
Senior Member
ioFTPD Foundation User
 
Join Date: Oct 2003
Posts: 411
Default

as mr_F said, *@ip comletely disables ident check for predefined user. Even if site checks ident, it wont care if it does match or not (because you have specified *).

Yes, I'm 100% sure about that as I got some users too who are behind some spooky FW or they just can't ident because their ISP blocks it...

Btw, you could try to delete all IPs for that troubled user and just add * (just for test). I bet $100 that he'll be able to login (yep, even if site will check his ident as you've said and even if that ident doesn't match (but it will match cause we've specified "*" which means ANY ident, even none)).
wooolF[RM] is offline   Reply With Quote
Old 11-27-2004, 11:19 PM   #5
BeBoo
Junior Member
FlashFXP Registered User
 
Join Date: Nov 2004
Posts: 4
Default

Okay thanks, i will give that a try.
BeBoo is offline   Reply With Quote
Old 11-27-2004, 11:51 PM   #6
BeBoo
Junior Member
FlashFXP Registered User
 
Join Date: Nov 2004
Posts: 4
Default

Well, that was 100 bucks for me then

I dont know whether this is the correct forum to post further - but we localized the problem to be that ident thingie, cause our firewall logs told us that it was trying to connect to the identd, and after that the connection to the server times out.

We just get a
421 Timeout (15 seconds): closing control connection.
error, when trying to connect.

I'm not sure that it is caused by the ident lookup problem, but that was the most obivous thing i could think of.

We got TLS enabled and required on the servers if that makes a different
BeBoo is offline   Reply With Quote
Old 11-28-2004, 03:36 PM   #7
wooolF[RM]
Senior Member
ioFTPD Foundation User
 
Join Date: Oct 2003
Posts: 411
Default

Nope, u still owe me $100... plus $100 for this reply.

Here how it looks like when your ident

Code:
Ident Request: server.ip.goes.here - UserID: ident.here
220 welcome.msg.goes.here
USER user.on.the.site
530 Login incorrect.
Connection failed
It doesn't matter if your mask is * or *@* or *@*.*.*.* or ident@ip or anything, site *will* send you the ident request. And only then (according to the specified mask) it will allow you in or not.
wooolF[RM] is offline   Reply With Quote
Reply

Tags
ftp, ident, lookups, require, users


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 03:16 AM.

Parts of this site powered by vBulletin Mods & Addons from DragonByte Technologies Ltd. (Details)