IP access list reordering itself

Please post here if you have problems in using Wing FTP Server.
Post Reply
i_leeder
Posts: 2
Joined: Wed Jun 24, 2015 5:25 am

IP access list reordering itself

Post by i_leeder »

Hi,

I've recently been shown (and thrown) the ropes for our company FTP server, so I added my IP to the access list for the admin account. Since then, we've had some problems. In the last 2 days, the ordering of the access list has changed by itself on 3 separate occasions. This causes problems, as the last entry should be deny, however it is getting moved to the top or 2nd position in the list which locks everyone out. It has also been reported to me that in one instance the server was offline.

When I added my IP I did so directly above the Deny rule, second from the bottom. Right now my IP is top of the list. I think at some point the list was completely reversed, although I don't have the records to confirm that.

As far as I know this issue is new, and the only change has been the addition of another entry. Is there a limit to the size of the IP access list? We have 14 entries, including the final Deny all.

Additionally since looking into it I've discovered we are applying the list to the admin account directly, but I see there is another area to apply to all admin accounts (we only have the one). Does that make a difference?

I'm running 4.3.8 Corporate. The only changes to access list that I can see in the revision history are in v4.4.1, but that is only to do with formatting of the entries.

Has anyone seen such an issue with the IP access list? I could try and update, but I'd rather not change things unless I have an indication it may help, and going by the revision notes I don't think upgrading will help.

Thanks,
Ian
FTP
Site Admin
Posts: 2072
Joined: Tue Sep 29, 2009 6:09 am

Re: IP access list reordering itself

Post by FTP »

OK, please upgrade to the latest version 4.4.9 first, and for the IP access rules, you just need to add all "ALLOW" rules (then the IPs not belong to the rules will be denied), or add all "DENY" rules (then the IPs not belong to the rules will be allowed).
i_leeder
Posts: 2
Joined: Wed Jun 24, 2015 5:25 am

Re: IP access list reordering itself

Post by i_leeder »

Thanks for the tip, I missed the fact that a list comprised solely of Allow entries will implicitly deny. Makes sense.
I've implemented this without upgrading, but I'm confident this will fix my problems. Now it doesn't matter if the list reorders, there is no Deny that will cause grief.

Thanks for the help,
Ian
FTP
Site Admin
Posts: 2072
Joined: Tue Sep 29, 2009 6:09 am

Re: IP access list reordering itself

Post by FTP »

Great! But you had better upgrade to the latest version because it is better than your current version.
Post Reply