Suggestions Got a new idea or addition which would benefit IOFTPD? Post it here! |
View Poll Results: Is hard-coded IP checking needed?
|
Essential, I have provided explanation below
|
|
27 |
49.09% |
Desired, but script-based checking is fine
|
|
18 |
32.73% |
Dont care
|
|
10 |
18.18% |
07-20-2005, 08:47 AM
|
#1
|
Senior Member
FlashFXP Registered User ioFTPD Registered User
Join Date: Oct 2002
Posts: 462
|
IP checking poll
Just a quick straw poll to see how many people consider IP checking an important compnent of your FTP usage.
In relation to this thread:
http://www.inicom.net/forum/showthread.php?t=15198
Edit:// I would vote Essential but for some reason wont let me vote or view results on the poll I posted, so whatever the results let me know and add 1 on there
|
|
|
07-20-2005, 09:29 AM
|
#2
|
Senior Member
ioFTPD Foundation User
Join Date: Jul 2005
Posts: 147
|
Essential!
Can't vote either:
Your user account may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.
Some account settings are not fixed i guess, also can't get on the ioFTPD Registered Members Only section
But back on topic i would say Essential.
Because after reading topic i agree with al the staments that are said about this future.
I must say that i'm not a guru ioFTPD user just playing with it for a couple of days now but i think this future is a must and is in my opinion more secure.
easy to fake IP or not in combo with cert you got the most secure server there is i think, so use them both! (if possible?)
And for the IP storage for that function (dunno if that happends but must be a logical thought) i'm sure there is a way to encrypt that
|
|
|
07-20-2005, 09:30 AM
|
#3
|
Member
ioFTPD Foundation User
Join Date: Sep 2004
Posts: 31
|
foxmaster, you do not have permission to access this page. This could be due to one of several reasons:
this is what I get ????
|
|
|
07-20-2005, 10:15 AM
|
#4
|
Disabled
FlashFXP Registered User ioFTPD Administrator
Join Date: Dec 2001
Posts: 2,230
|
Quote:
Originally Posted by EwarWoo
Just a quick straw poll to see how many people consider IP checking an important compnent of your FTP usage.
In relation to this thread:
http://www.inicom.net/forum/showthread.php?t=15198
Edit:// I would vote Essential but for some reason wont let me vote or view results on the poll I posted, so whatever the results let me know and add 1 on there
|
This is rather pointless. How many times do I need to state, that this is something that can be scripted (there is absolutely no reason to have it hardcoded). Also, at the moment it looks like that none of the SITE commands will be hardcoded because of:
a) Use of (LUA) scripted command has neglible implication on general server performance.
b) Eventually most (all?) commands are likely to be scripted. There will be hardcoded helper functions for LUA that can be used to improve performance.
c) Io resolves client's hostname, and places it to client environment - only task left to do, is to go through list of ips stored in user/group contexts'.
pseudo-code USER command:
Code:
client = current_client();
if (is_logged_in(client)) {
echo("530 Already logged in.");
return;
}
user_name = get_arg_string(1, STR_END);
if (set_env(client, "UserName", user_name)) {
echo("331 Password required for " + str(user_name));
} else {
echo("530 Error:" + strerror(get_last_error()));
}
pseudo-code PASS command:
Code:
client = current_client();
if (is_logged_in(client)) {
echo("530 Already logged in.");
return;
}
user_name = get_env(client, "UserName");
if (! user_name) {
echo("530 Use USER to login.");
return;
}
uid = get_uid(user_name);
if (uid == INVALID_ID) {
echo("530 Error:" + strerror(get_last_error()));
return;
}
user = load_user(uid);
if (! user) {
echo("530 Error:" + strerror(get_last_error()));
return;
}
// ip-check
row_id = get_row_id(user, "Ip");
ip_cnt = get_row_count(user, row_id);
if (ip_cnt > 0) {
match = false;
client_host = get_env(client, "Hostname");
client_ip = get_env(client, "Ip");
while (ip_cnt--) {
tmp_str = get_column_value(user, row_id, ip_cnt, 0);
if (! str_match(client_host, tmp_str) ||
! str_match(client_ip, tmp_str)) {
match = true;
break;
}
}
if (! match) {
echo("530 Invalid username/password.");
return;
}
}
if (login_client(client, user, get_arg_string(1, STR_END))) {
echo("230 Login successful.");
} else {
echo("530 Error:" + strerror(get_last_error()));
}
|
|
|
07-20-2005, 11:12 AM
|
#5
|
Senior Member
FlashFXP Beta Tester ioFTPD Scripter
Join Date: Jul 2004
Posts: 187
|
Quote:
Originally Posted by foxmaster
foxmaster, you do not have permission to access this page. This could be due to one of several reasons:
this is what I get ????
|
same for me
and I cannot post anything in
"ioFTPD Registered Members Only" Sektion too
i got same message.
__________________
- FlashFXP v4.0 BETA (v3.7.9 Build 1401) registered
- Windows 7 x64
- McAfee Antivirus Enterprise 8.7i Patch 2 + Antispyware 8.7i
|
|
|
07-20-2005, 11:55 AM
|
#6
|
Moderator
Administrator
Join Date: Oct 2001
Location: New Mexico, USA
Posts: 1,070
|
ok, i'll work on the permissions today...i think its fixed for now, but let me know if you run into anything else.
|
|
|
07-20-2005, 01:05 PM
|
#7
|
Member
FlashFXP Registered User ioFTPD Foundation User
Join Date: Feb 2004
Posts: 76
|
Got this when i tried to vote, so seems the error still is there.
Code:
JoC, you do not have permission to access this page. This could be due to one of several reasons:
Your user account may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.
|
|
|
07-20-2005, 03:01 PM
|
#8
|
Moderator
Administrator
Join Date: Oct 2001
Location: New Mexico, USA
Posts: 1,070
|
whoa, that is weird. all the permissions looked good, so I tried to vote myself...it allowed it, but took me to an archived poll for some reason.. The arechive is locked down, which might be causing the poll posting problem. I'll look into this further.
|
|
|
07-20-2005, 05:10 PM
|
#9
|
Senior Member
FlashFXP Registered User ioFTPD Scripter
Join Date: Jan 2003
Posts: 277
|
Scripters!
Scripters are here cause most of us actually enjoy scripting, this doesnt mean that we should be taken advantage of, and used to script everything that isnt seen fit to be included as a core component. We arent the ones being paid, and it seems very unfair that everytime something is requested, its always the `this can be scripted` standard reply
on another note, there is still problems with this page, most people cant vote, and even less can view the poll results
this thread is topic`d in #ioFTPD on efnet, where the whiners hang out
__________________
#iotools #ioftpd (both on efnet)
|
|
|
07-20-2005, 06:13 PM
|
#10
|
Disabled
FlashFXP Registered User ioFTPD Administrator
Join Date: Dec 2001
Posts: 2,230
|
We're now talking less than 20lines of code :I Ihmo. this is getting really ridiculous - I simply don't want IP table to default database structure. And no, I don't like idea of having config option for it either.. so it'll be a script, and it will most likely come with default installation (disabled by default). I might even implement user credits using script - can't really see any reason not to do so
Ps. I could have implemented the function in time it took to write this post, but I still didn't.
|
|
|
07-21-2005, 07:50 AM
|
#11
|
Senior Member
FlashFXP Registered User ioFTPD Foundation User
Join Date: Sep 2003
Posts: 142
|
I can't vote to this poll but I think IP checking is essential.
Just another question: I'm registered but I don't know where to add this information in my CP.
|
|
|
07-21-2005, 08:53 AM
|
#12
|
Member
ioFTPD Foundation User
Join Date: Jul 2003
Posts: 83
|
I can't vote to this poll but I think IP checking is essential. .. too
|
|
|
07-21-2005, 11:11 AM
|
#13
|
Junior Member
Join Date: Apr 2005
Posts: 16
|
very sad for this decision..i want ip checking in core and not in script..
|
|
|
07-21-2005, 11:21 AM
|
#14
|
Moderator
Administrator
Join Date: Oct 2001
Location: New Mexico, USA
Posts: 1,070
|
Ok, everyone should be able to vote on this poll now. It was crosslinked with another thread in the archive. Apparently, polls didn't come over in the conversion. All old polls have been removed for now.
|
|
|
07-21-2005, 03:42 PM
|
#15
|
Disabled
FlashFXP Registered User ioFTPD Administrator
Join Date: Dec 2001
Posts: 2,230
|
This is really ridiculous. You need to understand that I'm trying to make ioftpd completely script driven instead of having N hardcoded features. Even certificate based authentication will be eventually handled by scripts - perhaps not in 1.0, but later on when I can focus on adding new lua functions. Finally there is virtually no difference between operation performed by LUA script and operation performed C-function. Though, you can't modify hardcoded code path without disassembling the source - which is illegal.
If someone comes up with sane explanation why it should be hardcoded, I will make it so. But so far I've only heard arguments of which none is based on truth:
1) IP-check is part of File Transfer Protocol: it isn't.
2) Scripts are not as reliable: higher level programming languages are more reliable.
3) Scripts are slow: read about LUA.
4) Why did you remove it in first place: 1.0 is complete rewrite, it wasn't there to be removed in the first place.
5) Config option: ihmo default configuration should be minimal and provide basic functionality. Adding dozens of config options that of 90% are obsolete to most, is not something I would ever even consider.
5) If it is so easy to add, why not to: It has much to do with default database structure. I don't think IP table is something, that should be mandatory.
I think I'm through with this subject.. prepare to install script
|
|
|
Thread Tools |
|
Display Modes |
Rate This Thread |
Linear Mode
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 11:27 PM.
|