FlashFXP Forums

FlashFXP Forums (https://oss.azurewebsites.net/forum/)
-   ioFTPD General (https://oss.azurewebsites.net/forum/ioftpd/ioftpd/ioftpd-beta/ioftpd-general/)
-   -   Ident lookup thingie (https://oss.azurewebsites.net/forum/ioftpd/ioftpd/ioftpd-beta/ioftpd-general/9368-ident-lookup-thingie.html)

BeBoo 11-27-2004 09:25 PM

Ident lookup thingie
 
Hey guys

We're running a few ftp servers, and have some ident problems.

Some of our users are behind a firewall, which blocks for ident requests.
We could disable the ident lookups totally, but we have some other users, which we require to run identd.

Then i was thinking about a feature, which disabled ident lookups for users, which ident was *@ip

Thanks in advance, BeBoo

mr_F_2 11-27-2004 09:53 PM

what's wrong with

site addip <user> *@ip ???

if adding a user with a wildcard for an ident is your request you'll be happy to know it already does this

BeBoo 11-27-2004 10:44 PM

Uhm.. no
 
I've already done that, but it is still trying to lookup the ident on the machine.. and then fails the login, because the firewall blocks the connection..

wooolF[RM] 11-27-2004 10:58 PM

as mr_F said, *@ip comletely disables ident check for predefined user. Even if site checks ident, it wont care if it does match or not (because you have specified *).

Yes, I'm 100% sure about that as I got some users too who are behind some spooky FW or they just can't ident because their ISP blocks it...

Btw, you could try to delete all IPs for that troubled user and just add * (just for test). I bet $100 that he'll be able to login (yep, even if site will check his ident as you've said and even if that ident doesn't match (but it will match cause we've specified "*" which means ANY ident, even none)).

BeBoo 11-27-2004 11:19 PM

Okay thanks, i will give that a try.

BeBoo 11-27-2004 11:51 PM

Well, that was 100 bucks for me then ;)

I dont know whether this is the correct forum to post further - but we localized the problem to be that ident thingie, cause our firewall logs told us that it was trying to connect to the identd, and after that the connection to the server times out.

We just get a
421 Timeout (15 seconds): closing control connection.
error, when trying to connect.

I'm not sure that it is caused by the ident lookup problem, but that was the most obivous thing i could think of.

We got TLS enabled and required on the servers if that makes a different

wooolF[RM] 11-28-2004 03:36 PM

Nope, u still owe me $100... plus $100 for this reply.

Here how it looks like when your ident

Code:

Ident Request: server.ip.goes.here - UserID: ident.here
220 welcome.msg.goes.here
USER user.on.the.site
530 Login incorrect.
Connection failed

It doesn't matter if your mask is * or *@* or *@*.*.*.* or ident@ip or anything, site *will* send you the ident request. And only then (according to the specified mask) it will allow you in or not.


All times are GMT -5. The time now is 03:05 AM.

Powered by vBulletin® Version 3.8.11 Alpha 3
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
Parts of this site powered by vBulletin Mods & Addons from DragonByte Technologies Ltd. (Details)