View Single Post
Old 03-17-2014, 03:39 AM  
MONGi
Member
 
Join Date: May 2012
Posts: 72
Default

Hello Yil,

Quote:
Mongi: Please note that ";" at the start of a line in the .ini means the line is commented out and any default value will be used.......
I know it.

Quote:
If you can cover all possible addresses from a user in like 20 hostmasks I'd do that, but if you can't then you need to use the dynamic dns feature :*@hostname.dyndns.org or whatever and they have to keep it updated with their current IP. I believe ioFTPD is the only server to allow such a feature but it can come in handy...
Ok, i will use this option.

Quote:
The next problem you have is you ARE using the Reject_Unknown_Hosts feature which means the server is locked down to only respond to servers whose IP/hostname matches a hostmask and in this case the user likely won't match. That's because the server doesn't test every dynamic hostmask on every connection so the user will have to use the knock feature to let it know it should let them try to login.
You mean, i must coment out Reject_Unknown_Hosts?

Quote:
Just set up a simple knock like:
Code:
Knock_1 = 15121
;Knock_2 = 11123
;Knock_3 = 12123
That means they just have to TRY to connect to 15121 once (notice the other 2 lines are commented out still?). No response will happen, it will just drop the connection immediately but the user will get to login to the regular server port next time they try because it now knows to not immediately reject them as not matching any hostmasks.

After that they can try to login and things should work for them.

Having a user with a constantly wildly changing IP address and a locked down server is hard to deal with, but the dynamic hostmask and knock feature is a better solution than anybody else has
The knocking-feature i will testing again.

Quote:
To try to debug what is going on check the ioftpd.log and/or error.log file. I think one of the logfiles records the dynamic hostmask lookup, and the ip/host the user connected from is important because you can check to see if the dynamic dns name resolves to their current IP address. Normally the dynamic dns entries have 1-5 minute cache times so a user who just updated it might need to wait 5 min before ioFTPD can see the new IP address...
Yes, if i have problems the first way for me is looking in ioftpd.log and/or error.log file.

Is that all that needs to be changed?
All other entrys are ok?

I would also ask if i have understood everything right so far. My english is somewhat broken

Last edited by MONGi; 03-17-2014 at 06:35 AM.
MONGi is offline   Reply With Quote