| Author |
 Topic  |
|
|
Sandro
Starting Member
Belgium
26 Posts |
 Posted - 28 August 2002 : 08:04:23
|
In belgium lots of people surf with the provider telenet (www.telenet.be) and they use a mandatory proxy, is people surf a site the ip of the proxy is used for ip detection request.servervariables(remote_addr) but with this mod the real ip is extracted from the ip's available to the server like http_x_forwarded_for and http_client_ip.
This script will find the best ip to use, if one is not available it uses the oter, and finally still using the remote_addr if no other ip is found. the mod can be found at http://forum.mastrosoft.com/mods/inc_func_ipscript.txt and a testexample at http://forum.mastrosoft.com/mods/inc_func_ipscript_test.asp
It is a rather simple MOD but can be handy if someone is spamming the board. and with the proxy's ip you can't do much, but with his real ip you can send an abuse to his provider. (maybe telenet hasn't the best abuse department  , but other providers who work with such a proxy might.)
Greetings,
Sandro |
|
|
tangoc9999
Junior Member
USA
158 Posts |
Posted - 28 August 2002 : 10:23:15
|
great mod  |
TANGO
Computers run on smoke, when the smoke comes out, they quit running!
 |
 |
|
|
Jeepaholic
Average Member
USA
697 Posts |
|
|
Sandro
Starting Member
Belgium
26 Posts |
Posted - 28 August 2002 : 17:38:08
|
computers on my intranet (oeh, intranet not allowed with my provider , don't tell them) show the ip of my computer (the gateway) so that appears to be covered too, i guess this http_x_forwarded_for is only able to contain a routable ip. Haven't tried it out with a local intranet proxy, but I think it is the same for that too.
Greetings,
Sandro |
|
|
|
tangoc9999
Junior Member
USA
158 Posts |
Posted - 28 August 2002 : 22:11:50
|
| at work i am behind a firewall on a corparate proxy and it shows my assigned dhcp ip to my machine. |
TANGO
Computers run on smoke, when the smoke comes out, they quit running!
|
|
|
|
Jeepaholic
Average Member
USA
697 Posts |
|
|
tangoc9999
Junior Member
USA
158 Posts |
Posted - 29 August 2002 : 00:36:56
|
| Al, it appears to be routable. |
TANGO
Computers run on smoke, when the smoke comes out, they quit running!
|
|
|
|
Sandro
Starting Member
Belgium
26 Posts |
Posted - 29 August 2002 : 13:23:02
|
seems quite covered then
I remember an error on one network, but that showed unknown as the ip, but also for the remote_addr (i think), I'll check it out somtime when I'm back there, if not then I'll make a change to get the remote_addr instead.
Greetings,
Sandro |
|
|
|
Jeepaholic
Average Member
USA
697 Posts |
Posted - 29 August 2002 : 14:18:34
|
I just built some status updates into your script so we could see exactly what's happening when someone uses this script. I have yet to see anything other than the REMOTE_ADDR work, but I just may not have the right scenario?
My response is always something like this:
Trying HTTP_X_FORWARDED_FOR: Failed - Value = ''
Trying HTTP_CLIENT_IP: Failed - Value = ''
Trying REMOTE_ADDR: Success - Value = '68.8.73.55'
I also got this when using this script on a server that's behind a MS ISA box. It would give me the non-routable IP address of the ISA box as the REMOTE_ADDR. <shrug> Probably not the same scenario? Would love to hear if this works for others!
The script is here:
http://www.jeepaholics.com/myip.asp
Anyone else? |
Al Bsharah
Aholics.com
Jeepaholics Anonymous
Broncoholics Anonymous
Network Insight
|
Edited by - Jeepaholic on 29 August 2002 14:19:58 |
|
|
|
Sandro
Starting Member
Belgium
26 Posts |
Posted - 29 August 2002 : 16:12:12
|
This is my content:
Trying HTTP_X_FORWARDED_FOR: Success - Value = '213.224.243.###'
(i masked the last digits )
these statusupdates are only possible for standalone use of the script ofcourse
But do you mean the server is behind the MS ISA box? or the client? and is the ISA configured as proxy or just firewall? and is the network behind it a private (not-routable) network?
|
|
|
|
Jeepaholic
Average Member
USA
697 Posts |
Posted - 29 August 2002 : 17:13:26
|
Cool! Hey, for curiosity sake, try this script and see what it says:
http://www.jeepaholics.com/myip2.asp
This one will just simply show all the values. I'm curious to see what your others are.
As for my ISA setup, it's like this:
1) ISA Box has routable IP on outside
2) ISA Box has non-routable IP on inside
3) ISA Box acts as a proxy for the web server that sits on the non-routable side
4) Script on web server shows inside ISA non-routable IP for all web requests
I'm sure there's a setting on the ISA box to forward the actual IP (which needs to be done) but this isn't a box I really have control over...so, might take some research. |
Al Bsharah
Aholics.com
Jeepaholics Anonymous
Broncoholics Anonymous
Network Insight
|
|
|
|
Sandro
Starting Member
Belgium
26 Posts |
Posted - 30 August 2002 : 03:26:08
|
Output is:
HTTP_X_FORWARDED_FOR: '213.224.243.###'
HTTP_CLIENT_IP: ''
REMOTE_ADDR: '213.224.83.110'
(the remote_addr is the providers proxy, if the script is placed in default.asp and you do not give up the filename then http_x_forwarded_for gives this: 213.224.243.###, 213.224.83.110
that's the reason for te split on the end.
you get the ip of the isa on remote_addr because it is the proxy, but http_x_forwarded_for does not contain your internal ip since it is non-routable.
and about the script behind the isa server, I guess it is normal to show the internal ip on internal network, because it is available from there (it is routable internally), but from the outside it isn't so it shows the routable ip (for the internet that is) closest to the computer, If you go to a website, from inside the internal network, tot the external, then you will see the ip of the proxy. |
|
|
|
Sandro
Starting Member
Belgium
26 Posts |
Posted - 11 November 2002 : 16:01:57
|
Ok, I found a flaw, but it happens when a proxy is not well configured, some malconfigured proxy's give out an ip from the private range. therefore i changed the script and made Version 2, it can be found here: http://www.mastrosoft.com/forums/mods/
this version detects if an ip is from the private range, if so it ignores it and checks the others, also other variables which can contain an ipaddress are checked now.
Greets,
Sandro |
Edited by - Sandro on 11 November 2002 16:03:44 |
|
|
|
jkmcgrath
Junior Member
USA
145 Posts |
Posted - 17 November 2002 : 13:18:40
|
I am a lil unsure of the implementation of this mod. (I luv the mod!)
Is the example below how to do it?
strUserIP = RemoteIpAddress()Request.ServerVariables("REMOTE_ADDR")
strScriptName = Mid(Request.ServerVariables("SCRIPT_NAME"), InstrRev(Request.ServerVariables("SCRIPT_NAME"), "/")+1)
strQueryString = Request.ServerVariables("QUERY_STRING")
strUserAgent = Request.ServerVariables("HTTP_USER_AGENT")
strCurrentTime = DateToStr(strForumTimeAdjust)
|
Delta Force Seals |
|
|
|
Sandro
Starting Member
Belgium
26 Posts |
Posted - 27 November 2002 : 14:44:59
|
yes, that's exactly how you should use it, there is now a minor new release available.
Greets,
Sandro |
|
|
|
jkmcgrath
Junior Member
USA
145 Posts |
Posted - 27 November 2002 : 16:55:35
|
| Thank you very much. I dl the latest and will implement it over the holiday. |
Delta Force Seals |
|
|
| |
Topic |
|
Topic Locked
