Go Back   FlashFXP Forums > > > >

ioFTPD General New releases, comments, questions regarding the latest version of ioFTPD.

Reply
 
Thread Tools Rate Thread Display Modes
Old 06-14-2010, 02:18 AM   #1
urskog
Junior Member
FlashFXP Registered User
 
Join Date: Nov 2005
Posts: 10
Default Users with dynamic IP

Hi!

I'm trying to get a user that changes IP-address like you and I breathe..
I helped him register a dyndns account that gets automatically updated and doing a nslookup on it indeed gives the correct IP he's on at the moment.

Is it possible to use this in his account in io?
I've tried adding it in these two slightly different ways:
:ident@blablabla.dyndns.org
*@blablabla.dyndns.org
But the site still reports that "login failed > username> hostmask *@1.2.#.# not added." so it seems like io isn't resolving the hostname in the userfile and then compares the answer to the IP he tries to login from.

I've looked through ioftpd.ini and found a couple of entries that makes it seem like it should be supported but I can't manage to get it to work.

Please help
urskog is offline   Reply With Quote
Old 06-14-2010, 07:57 PM   #2
Yil
Too much time...
FlashFXP Beta Tester
ioFTPD Administrator
 
Join Date: May 2005
Posts: 1,194
Default

You're in luck. So far as I know ioFTPD is the only FTP server to really solve this problem...

First make sure you have the feature enabled... 'Dynamic_DNS_Lookup' under [Network] should be set to 'ALWAYS' (KNOCKED is more restrictive and a lot trickier so just use ALWAYS).

After that the form you used should be all that is required - ':ident@blablabla.dyndns.org'. If no "static" hostmask matches the user it will resolve at login time any hostmask starting with ":" to get the current IP and check that.

I do wonder a bit at the 'hostmask *@1.2.#.# not added' bit. That isn't an ioFTPD message but must be the result of some script running. It's possible that you have a 3rd party script trying to help out and automatically add some hostmasks to users and that is breaking the internal feature. Check to see if there is a PRE/POST event on the USER or PASS commands...
Yil is offline   Reply With Quote
Old 06-15-2010, 03:41 AM   #3
urskog
Junior Member
FlashFXP Registered User
 
Join Date: Nov 2005
Posts: 10
Default

Btw, I forgot to mention this in my original post but I think the io I'm running is 7.03.
Dynamic_DNS_Lookup was already set to ALWAYS.

I had a pre event on pass:
pass = TCL ..\scripts\nxTools\nxClose.tcl LOGIN
But unmarking it didn't change the behavior, sorry about the error message I gave below btw, it was taken from the eggdrop, this is how it looks in io:
Code:
[L] USER testuser
[L] 331 Password required for testuser.
[L] PASS (hidden)
[L] 530 Login failed: Your IP/hostname is not authorized.
[L] Connection failed
And checking the added IP for the user gives this info:
[R] 200-| IP1: :testident@blablabla.dyndns.org | |
I also tried changing it to *@blablabla.dyndns.org but the same error still happens.

Hmm, I wonder what else I could try to get it to work, it still doesn't seem like io is trying to do a lookup on the IP because the error message when trying to login comes with lightning speed.

One thing that does work is adding testident@*.bredbandsbolaget.se for example, the problem then of course is that I can't be sure that it is indeed the correct computer logging in so anyone that gets the ident can login from any bredbandsbolaget connected computer which is less than ideal.
urskog is offline   Reply With Quote
Old 06-15-2010, 02:07 PM   #4
Yil
Too much time...
FlashFXP Beta Tester
ioFTPD Administrator
 
Join Date: May 2005
Posts: 1,194
Default

Hmm, that all appears right. I assume if you try to "ping" or "nslookup" the name the address it resolves to shows up correctly from a command window?

Since you're trying 7.03 it probably isn't a huge deal to try 6.9.3 in a test setup since most of the .ini file is the same. The reason is pre v7.0 includes a "LOOKUP: <name>" entry in the logfile whenever it does a dynamic lookup. If you try 6.9.3 you could at least verify that it was trying to lookup the name...

Two other tidbits. If a name resolves to more than 1 IP address only the first is used. I don't think this happens with dynamic name resolvers but just letting you know. The other thing to check is if the name contains any numeric chars like 'mys1te' or something? Just in case I goofed something try it without any numbers to see if that makes a difference if the v6.9.3 shows it doesn't try to lookup the name...
Yil is offline   Reply With Quote
Old 06-17-2010, 02:15 AM   #5
urskog
Junior Member
FlashFXP Registered User
 
Join Date: Nov 2005
Posts: 10
Default

Quote:
Originally Posted by Yil View Post
Hmm, that all appears right. I assume if you try to "ping" or "nslookup" the name the address it resolves to shows up correctly from a command window?
Yes, nslookup gives the current and correct IP

Quote:
Originally Posted by Yil View Post
Two other tidbits. If a name resolves to more than 1 IP address only the first is used. I don't think this happens with dynamic name resolvers but just letting you know. The other thing to check is if the name contains any numeric chars like 'mys1te' or something? Just in case I goofed something try it without any numbers to see if that makes a difference if the v6.9.3 shows it doesn't try to lookup the name...
The name only resolves to one IP at all times I've tested with nslookup or /dns <NICK> on IRC and the dynamic name only have letters, no numbers.

Quote:
Originally Posted by Yil View Post
Since you're trying 7.03 it probably isn't a huge deal to try 6.9.3 in a test setup since most of the .ini file is the same. The reason is pre v7.0 includes a "LOOKUP: <name>" entry in the logfile whenever it does a dynamic lookup. If you try 6.9.3 you could at least verify that it was trying to lookup the name...
I'll have to try that when I get the time to see if it reports anything.
Have any plans to bring the LOOKUP entry back for the logfile in future releases?
Why was it removed, filled the log too quickly?
urskog is offline   Reply With Quote
Reply

Tags
account, compares, hostname, login, resolving

Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 04:51 PM.

Parts of this site powered by vBulletin Mods & Addons from DragonByte Technologies Ltd. (Details)