Go Back   FlashFXP Forums > > > >

Suggestions Got a new idea or addition which would benefit IOFTPD? Post it here!

View Poll Results: Is hard-coded IP checking needed?
Essential, I have provided explanation below 27 49.09%
Desired, but script-based checking is fine 18 32.73%
Dont care 10 18.18%
Voters: 55. You may not vote on this poll

Reply
 
Thread Tools Rate Thread Display Modes
Old 07-20-2005, 08:47 AM   #1
EwarWoo
Senior Member
FlashFXP Registered User
ioFTPD Registered User
 
Join Date: Oct 2002
Posts: 462
Default IP checking poll

Just a quick straw poll to see how many people consider IP checking an important compnent of your FTP usage.
In relation to this thread:
http://www.inicom.net/forum/showthread.php?t=15198

Edit:// I would vote Essential but for some reason wont let me vote or view results on the poll I posted, so whatever the results let me know and add 1 on there
EwarWoo is offline   Reply With Quote
Old 07-20-2005, 09:29 AM   #2
whocarez2k5
Senior Member
ioFTPD Foundation User
 
Join Date: Jul 2005
Posts: 147
Default

Essential!

Can't vote either:
Your user account may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.

Some account settings are not fixed i guess, also can't get on the ioFTPD Registered Members Only section

But back on topic i would say Essential.
Because after reading topic i agree with al the staments that are said about this future.
I must say that i'm not a guru ioFTPD user just playing with it for a couple of days now but i think this future is a must and is in my opinion more secure.
easy to fake IP or not in combo with cert you got the most secure server there is i think, so use them both! (if possible?)
And for the IP storage for that function (dunno if that happends but must be a logical thought) i'm sure there is a way to encrypt that
whocarez2k5 is offline   Reply With Quote
Old 07-20-2005, 09:30 AM   #3
foxmaster
Member
ioFTPD Foundation User
 
Join Date: Sep 2004
Posts: 31
Default

foxmaster, you do not have permission to access this page. This could be due to one of several reasons:

this is what I get ????
foxmaster is offline   Reply With Quote
Old 07-20-2005, 10:15 AM   #4
darkone
Disabled
FlashFXP Registered User
ioFTPD Administrator
 
darkone's Avatar
 
Join Date: Dec 2001
Posts: 2,230
Default

Quote:
Originally Posted by EwarWoo
Just a quick straw poll to see how many people consider IP checking an important compnent of your FTP usage.
In relation to this thread:
http://www.inicom.net/forum/showthread.php?t=15198

Edit:// I would vote Essential but for some reason wont let me vote or view results on the poll I posted, so whatever the results let me know and add 1 on there
This is rather pointless. How many times do I need to state, that this is something that can be scripted (there is absolutely no reason to have it hardcoded). Also, at the moment it looks like that none of the SITE commands will be hardcoded because of:

a) Use of (LUA) scripted command has neglible implication on general server performance.
b) Eventually most (all?) commands are likely to be scripted. There will be hardcoded helper functions for LUA that can be used to improve performance.
c) Io resolves client's hostname, and places it to client environment - only task left to do, is to go through list of ips stored in user/group contexts'.

pseudo-code USER command:
Code:
client = current_client();
if (is_logged_in(client)) {
  echo("530 Already logged in.");
  return;
}
user_name = get_arg_string(1, STR_END);
if (set_env(client, "UserName", user_name)) {
  echo("331 Password required for " + str(user_name));
} else {
  echo("530 Error:" + strerror(get_last_error()));
}

pseudo-code PASS command:
Code:
client = current_client();
if (is_logged_in(client)) {
  echo("530 Already logged in.");
  return;
}
user_name = get_env(client, "UserName");
if (! user_name) {
  echo("530 Use USER to login.");
  return;
}

uid = get_uid(user_name);
if (uid == INVALID_ID) {
  echo("530 Error:" + strerror(get_last_error()));
  return;
}
user = load_user(uid);
if (! user) {
  echo("530 Error:" + strerror(get_last_error()));
  return;
}
// ip-check
row_id = get_row_id(user, "Ip");
ip_cnt = get_row_count(user, row_id);
if (ip_cnt > 0) {
  match = false;
  client_host = get_env(client, "Hostname");
  client_ip = get_env(client, "Ip");
  while (ip_cnt--) {
    tmp_str = get_column_value(user, row_id, ip_cnt, 0);
    if (! str_match(client_host, tmp_str) ||
        ! str_match(client_ip, tmp_str)) {
      match = true;
      break;
    }
  }
  if (! match) {
    echo("530 Invalid username/password.");
    return;
  }
}

if (login_client(client, user, get_arg_string(1, STR_END))) {
  echo("230 Login successful.");
} else {
  echo("530 Error:" + strerror(get_last_error()));
}
darkone is offline   Reply With Quote
Old 07-20-2005, 11:12 AM   #5
Grendel
Senior Member
FlashFXP Beta Tester
ioFTPD Scripter
 
Grendel's Avatar
 
Join Date: Jul 2004
Posts: 187
Default

Quote:
Originally Posted by foxmaster
foxmaster, you do not have permission to access this page. This could be due to one of several reasons:

this is what I get ????

same for me
and I cannot post anything in
"ioFTPD Registered Members Only" Sektion too
i got same message.

__________________
- FlashFXP v4.0 BETA (v3.7.9 Build 1401) registered
- Windows 7 x64
- McAfee Antivirus Enterprise 8.7i Patch 2 + Antispyware 8.7i
Grendel is offline   Reply With Quote
Old 07-20-2005, 11:55 AM   #6
Linkster
Moderator
Administrator
 
Join Date: Oct 2001
Location: New Mexico, USA
Posts: 1,070
Default

ok, i'll work on the permissions today...i think its fixed for now, but let me know if you run into anything else.
Linkster is offline   Reply With Quote
Old 07-20-2005, 01:05 PM   #7
JoC
Member
FlashFXP Registered User
ioFTPD Foundation User
 
Join Date: Feb 2004
Posts: 76
Default

Got this when i tried to vote, so seems the error still is there.
Code:
JoC, you do not have permission to access this page. This could be due to one of several reasons:

Your user account may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system? 
If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.
JoC is offline   Reply With Quote
Old 07-20-2005, 03:01 PM   #8
Linkster
Moderator
Administrator
 
Join Date: Oct 2001
Location: New Mexico, USA
Posts: 1,070
Default

whoa, that is weird. all the permissions looked good, so I tried to vote myself...it allowed it, but took me to an archived poll for some reason.. The arechive is locked down, which might be causing the poll posting problem. I'll look into this further.
Linkster is offline   Reply With Quote
Old 07-20-2005, 05:10 PM   #9
tuff
Senior Member
FlashFXP Registered User
ioFTPD Scripter
 
Join Date: Jan 2003
Posts: 277
Default Scripters!

Scripters are here cause most of us actually enjoy scripting, this doesnt mean that we should be taken advantage of, and used to script everything that isnt seen fit to be included as a core component. We arent the ones being paid, and it seems very unfair that everytime something is requested, its always the `this can be scripted` standard reply

on another note, there is still problems with this page, most people cant vote, and even less can view the poll results

this thread is topic`d in #ioFTPD on efnet, where the whiners hang out
__________________
#iotools #ioftpd (both on efnet)
tuff is offline   Reply With Quote
Old 07-20-2005, 06:13 PM   #10
darkone
Disabled
FlashFXP Registered User
ioFTPD Administrator
 
darkone's Avatar
 
Join Date: Dec 2001
Posts: 2,230
Default

We're now talking less than 20lines of code :I Ihmo. this is getting really ridiculous - I simply don't want IP table to default database structure. And no, I don't like idea of having config option for it either.. so it'll be a script, and it will most likely come with default installation (disabled by default). I might even implement user credits using script - can't really see any reason not to do so

Ps. I could have implemented the function in time it took to write this post, but I still didn't.
darkone is offline   Reply With Quote
Old 07-21-2005, 07:50 AM   #11
Mr_X
Senior Member
FlashFXP Registered User
ioFTPD Foundation User
 
Join Date: Sep 2003
Posts: 142
Default

I can't vote to this poll but I think IP checking is essential.
Just another question: I'm registered but I don't know where to add this information in my CP.
Mr_X is offline   Reply With Quote
Old 07-21-2005, 08:53 AM   #12
Jog
Member
ioFTPD Foundation User
 
Join Date: Jul 2003
Posts: 83
Default

I can't vote to this poll but I think IP checking is essential. .. too
Jog is offline   Reply With Quote
Old 07-21-2005, 11:11 AM   #13
Nicknet
Junior Member
 
Join Date: Apr 2005
Posts: 16
Default

very sad for this decision..i want ip checking in core and not in script..
Nicknet is offline   Reply With Quote
Old 07-21-2005, 11:21 AM   #14
Linkster
Moderator
Administrator
 
Join Date: Oct 2001
Location: New Mexico, USA
Posts: 1,070
Default

Ok, everyone should be able to vote on this poll now. It was crosslinked with another thread in the archive. Apparently, polls didn't come over in the conversion. All old polls have been removed for now.
Linkster is offline   Reply With Quote
Old 07-21-2005, 03:42 PM   #15
darkone
Disabled
FlashFXP Registered User
ioFTPD Administrator
 
darkone's Avatar
 
Join Date: Dec 2001
Posts: 2,230
Default

This is really ridiculous. You need to understand that I'm trying to make ioftpd completely script driven instead of having N hardcoded features. Even certificate based authentication will be eventually handled by scripts - perhaps not in 1.0, but later on when I can focus on adding new lua functions. Finally there is virtually no difference between operation performed by LUA script and operation performed C-function. Though, you can't modify hardcoded code path without disassembling the source - which is illegal.

If someone comes up with sane explanation why it should be hardcoded, I will make it so. But so far I've only heard arguments of which none is based on truth:

1) IP-check is part of File Transfer Protocol: it isn't.
2) Scripts are not as reliable: higher level programming languages are more reliable.
3) Scripts are slow: read about LUA.
4) Why did you remove it in first place: 1.0 is complete rewrite, it wasn't there to be removed in the first place.
5) Config option: ihmo default configuration should be minimal and provide basic functionality. Adding dozens of config options that of 90% are obsolete to most, is not something I would ever even consider.
5) If it is so easy to add, why not to: It has much to do with default database structure. I don't think IP table is something, that should be mandatory.

I think I'm through with this subject.. prepare to install script
darkone is offline   Reply With Quote
Reply

Tags
checking, ftp, poll, results, vote

Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 04:37 PM.

Parts of this site powered by vBulletin Mods & Addons from DragonByte Technologies Ltd. (Details)