View Single Post
Old 03-16-2014, 07:27 PM  
Yil
Too much time...
 
Join Date: May 2005
Posts: 1,194
Default

Mongi: Please note that ";" at the start of a line in the .ini means the line is commented out and any default value will be used.......

If you can cover all possible addresses from a user in like 20 hostmasks I'd do that, but if you can't then you need to use the dynamic dns feature :*@hostname.dyndns.org or whatever and they have to keep it updated with their current IP. I believe ioFTPD is the only server to allow such a feature but it can come in handy...

The next problem you have is you ARE using the Reject_Unknown_Hosts feature which means the server is locked down to only respond to servers whose IP/hostname matches a hostmask and in this case the user likely won't match. That's because the server doesn't test every dynamic hostmask on every connection so the user will have to use the knock feature to let it know it should let them try to login.

Just set up a simple knock like:
Code:
Knock_1 = 15121
;Knock_2 = 11123
;Knock_3 = 12123
That means they just have to TRY to connect to 15121 once (notice the other 2 lines are commented out still?). No response will happen, it will just drop the connection immediately but the user will get to login to the regular server port next time they try because it now knows to not immediately reject them as not matching any hostmasks.

After that they can try to login and things should work for them.

Having a user with a constantly wildly changing IP address and a locked down server is hard to deal with, but the dynamic hostmask and knock feature is a better solution than anybody else has

To try to debug what is going on check the ioftpd.log and/or error.log file. I think one of the logfiles records the dynamic hostmask lookup, and the ip/host the user connected from is important because you can check to see if the dynamic dns name resolves to their current IP address. Normally the dynamic dns entries have 1-5 minute cache times so a user who just updated it might need to wait 5 min before ioFTPD can see the new IP address...

Last edited by Yil; 03-16-2014 at 07:36 PM.
Yil is offline   Reply With Quote