Ullman: Actually the pure fact that you have an entry in the error log tells me it isn't a problem with the Reject_Unknown_Ips feature because they clearly connected! It also tells me that the problem is purely limited to the ident response. I feel like I just answered this on another thread, but can't find it, but look at the 'Ident_Timeout' setting and make sure it's at least 5 seconds or so. If you set it to 0 ident checking in hostmasks is disabled entirely and no requests for it will be made. You need at least 5 seconds, if not more, to reliably get ident responses returned so they can be used. I know some people set it smaller because it allows quicker logins for people who don't have an ident response setup on their end, but don't do that. Either disable the feature entirely or leave it at 5. Instead, you might choose to make the ident cache timeout much larger so reconnects in the future will use the cached value which usually solves the problem of the user trying again in a few minutes/seconds...
|