Notice: Any messages purporting to come from this site telling you that your password has expired, or that you need to verify your details, confirm your email, resolve issues, making threats, or asking for money, are
spam. We do not email users with any such messages. If you have lost your password you can obtain a new one by using the
password reset link.
Due to spam on this forum, all posts now need moderator approval.
Entire forum
➜ SMAUG
➜ Running the server
➜ DNS vs IP
It is now over 60 days since the last post. This thread is closed.
Refresh page
Pages: 1
2 3
| Posted by
| David Haley
USA (3,881 posts) Bio
|
| Date
| Reply #15 on Tue 21 Jun 2005 03:54 AM (UTC) |
| Message
|
Quote:
I meant that as I saw Sock.sinaddr with the IP, I waited until the next player signed on and compared ports via the users command. That way I knew the IP. I don't understand what you mean. Like I said, it doesn't make sense for two separate connections to come from the same place with the same port. The very meaning of a port is that it services one connection. |
David Haley aka Ksilyan
Head Programmer,
Legends of the Darkstone
http://david.the-haleys.org | | Top |
|
| Posted by
| Zeno
USA (2,871 posts) Bio
|
| Date
| Reply #16 on Tue 21 Jun 2005 04:00 AM (UTC) |
| Message
| Alright I'll provide an example.
Comm: Sock.sinaddr: 203.240.225.27, port 1809.
Alt@pcp02934895pcs.planfd01.in.comcast.net has connected.
<I type users>
Desc|Con|Idle| Port | Player @HostIP
39| 0| 14| 1809| Alt @pcp02934895pcs.planfd01.in.comcast.net
Does that make sense? I watched the port that connected and looked at the character that just signed on. Therefor, 203.240.225.27 = pcp02934895pcs.planfd01.in.comcast.net |
Zeno McDohl,
Owner of Bleached InuYasha Galaxy
http://www.biyg.org | | Top |
|
| Posted by
| David Haley
USA (3,881 posts) Bio
|
| Date
| Reply #17 on Tue 21 Jun 2005 04:56 AM (UTC) |
| Message
| Oh. So there's just one connection involved. In that case, yes, the IP maps to that hostname - you must have asynchronous lookups?
Where is the second connection that made you worried about multiplaying? |
David Haley aka Ksilyan
Head Programmer,
Legends of the Darkstone
http://david.the-haleys.org | | Top |
|
| Posted by
| Zeno
USA (2,871 posts) Bio
|
| Date
| Reply #18 on Tue 21 Jun 2005 05:03 AM (UTC) Amended on Tue 21 Jun 2005 05:04 AM (UTC) by Zeno
|
| Message
| Well it was an example. Here's what the users list would have looked like:
<I type users>
Desc|Con|Idle| Port | Player @HostIP
39| 0| 14| 1809| Alt @pcp02934895pcs.planfd01.in.comcast.net
34| 0| 51| 1486| Main @203.240.225.27
The one character's IP was never resolved to the hostname no matter when he signed on, thus allowing him to bypass our multiplay alarm. |
Zeno McDohl,
Owner of Bleached InuYasha Galaxy
http://www.biyg.org | | Top |
|
| Posted by
| David Haley
USA (3,881 posts) Bio
|
| Date
| Reply #19 on Tue 21 Jun 2005 05:24 AM (UTC) |
| Message
| | So, the character you have labeled as 'main' there. You're saying that no matter when he logs on, he always has only the IP address? But when the character labeled 'alt' logs on, the resolve gives you a hostname? Even though both are (apparently) coming from the same IP? |
David Haley aka Ksilyan
Head Programmer,
Legends of the Darkstone
http://david.the-haleys.org | | Top |
|
| Posted by
| Zeno
USA (2,871 posts) Bio
|
| Date
| Reply #20 on Tue 21 Jun 2005 05:27 AM (UTC) Amended on Tue 21 Jun 2005 05:28 AM (UTC) by Zeno
|
| Message
| | Right. To be more specific, it wasn't myself who caught him, it was a supervisor. What I'm really asking is that is it possible for a person/computer to "force" their IP to not be resolved to a hostname? I mean it wasn't a proxy because the person always used that comcast address. The two characters were signing on and off at long lengths between each of the time trading shards between each other. Which is highly illegal in our MUD. |
Zeno McDohl,
Owner of Bleached InuYasha Galaxy
http://www.biyg.org | | Top |
|
| Posted by
| David Haley
USA (3,881 posts) Bio
|
| Date
| Reply #21 on Tue 21 Jun 2005 05:35 AM (UTC) |
| Message
| | It could be possible if there is some form of spoofing going on, or if there's a proxy, firewall, etc. somewhere, that might be refusing DNS lookups after the first one. Seems funny though that somebody would go to that much trouble to cheat. Is there any reason to believe this player is the kind of person who would do that? |
David Haley aka Ksilyan
Head Programmer,
Legends of the Darkstone
http://david.the-haleys.org | | Top |
|
| Posted by
| Zeno
USA (2,871 posts) Bio
|
| Date
| Reply #22 on Tue 21 Jun 2005 05:37 AM (UTC) |
| Message
| A firewall eh? Well I am not positive it was intentional, but I'm nearly sure it was.
Oh yes, he's caused so much trouble before. His first chat replying to a PK hate discussion was "I love PK, it gets me into the game" or something of the sort. A week later he gets his first shard, gets killed twice, complains that he was killed within 5 minutes twice (when it was really 30min) and then chats "F*** THIS MUD" and quits. A week later he is back and causing more trouble. |
Zeno McDohl,
Owner of Bleached InuYasha Galaxy
http://www.biyg.org | | Top |
|
| Posted by
| David Haley
USA (3,881 posts) Bio
|
| Date
| Reply #23 on Tue 21 Jun 2005 07:28 AM (UTC) |
| Message
| I'm not entirely familiar with how one could block DNS lookups however if he's behind a firewall and his firewall acts as the DNS node for his connections, it might do the trick for him.
I'd suggest that you rewrite your mplay detection to go off of IP addresses and not hostmasks. You might have to store the IP address in addition to the resolved hostmask, so that you can always compare from straight hostmask.
An interesting thing to try, next time this happens, is to ping both the IP address and the hostname. The hostname should, in principle, resolve to the IP address you first pinged; the ping tool will tell you what IP address it resolves to. If they don't match, and if you have reason to believe it's the same connection, something is afoot. |
David Haley aka Ksilyan
Head Programmer,
Legends of the Darkstone
http://david.the-haleys.org | | Top |
|
| Posted by
| Samson
USA (683 posts) Bio
|
| Date
| Reply #24 on Tue 21 Jun 2005 11:07 AM (UTC) |
| Message
| | Of course, if this guy is that much trouble, and you know who it is, and you are absolutely sure he's cheating, just ban his IP and be done with it. Why worry about going through all this :) | | Top |
|
| Posted by
| Zeno
USA (2,871 posts) Bio
|
| Date
| Reply #25 on Tue 21 Jun 2005 05:01 PM (UTC) |
| Message
| We've thought about that, but he hasn't really broken enough rules to ban him. Basically he just trolls a lot.
I thought about storing IPs to a pcdata field. But what would the IP lookup code be? I'm sure its in comm.c somewhere, just not exactly sure what. |
Zeno McDohl,
Owner of Bleached InuYasha Galaxy
http://www.biyg.org | | Top |
|
| Posted by
| David Haley
USA (3,881 posts) Bio
|
| Date
| Reply #26 on Tue 21 Jun 2005 06:21 PM (UTC) |
| Message
| You don't need to look up the IP address on connection; you already have it. What you do need to do is write it in string form. Fortunately, that's fairly easy.strcpy( buf, inet_ntoa( sock.sin_addr ) );
|
David Haley aka Ksilyan
Head Programmer,
Legends of the Darkstone
http://david.the-haleys.org | | Top |
|
| Posted by
| Zeno
USA (2,871 posts) Bio
|
| Date
| Reply #27 on Tue 21 Jun 2005 06:27 PM (UTC) Amended on Tue 21 Jun 2005 06:31 PM (UTC) by Zeno
|
| Message
| Ah but I was planning to have the IP displayed in finger also, and if there is no connection, we can't show the IP. Also, I need to include...
act_info.c:5341: warning: implicit declaration of function 'inet_ntoa'
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
Right? I want the IP to be shown in whois. But I'm not sure I understand, how does it know to get the IP from the victim?
strcpy( buf4, inet_ntoa( sock.sin_addr ) );
|
Zeno McDohl,
Owner of Bleached InuYasha Galaxy
http://www.biyg.org | | Top |
|
| Posted by
| David Haley
USA (3,881 posts) Bio
|
| Date
| Reply #28 on Tue 21 Jun 2005 06:37 PM (UTC) |
| Message
| Eh.. umm.. if there is no connection, how will you have an IP to begin with? Are you saying that you need the IP to be persistent for e.g. a link-dead player? Then yes, you'll need to put it into the pcdata...
That piece of code I gave you is taken from the connection accepting. It only works when you just accepted the connection and still have the socket structure lying around. And yes, you do need to include whatever's necessary, although I forget which files exactly you need. |
David Haley aka Ksilyan
Head Programmer,
Legends of the Darkstone
http://david.the-haleys.org | | Top |
|
| Posted by
| Zeno
USA (2,871 posts) Bio
|
| Date
| Reply #29 on Tue 21 Jun 2005 06:41 PM (UTC) |
| Message
| Yeah that's what I meant, I'd like finger to show the IP of players even if they aren't on. Right now it shows the last hostname (something I added). Why shouldn't I store it in pcdata? Or did you say that just because it already existed?
I still don't understand how this line:
strcpy( buf4, inet_ntoa( sock.sin_addr ) );
Will store the IP of the victim (and not ch, or who for that matter) in buf4. |
Zeno McDohl,
Owner of Bleached InuYasha Galaxy
http://www.biyg.org | | Top |
|
The dates and times for posts above are shown in Universal Co-ordinated Time (UTC).
To show them in your local time you can join the forum, and then set the 'time correction' field in your profile to the number of hours difference between your location and UTC time.
106,652 views.
This is page 2, subject is 3 pages long: ![[Previous page]](/images/thin_prev.gif)
1
2 3
![[Next page]](/images/thin_next.gif)
It is now over 60 days since the last post. This thread is closed.
Refresh page
![[Go to top]](/images/gototop.gif)
top