There's not really anything you can do about that, that I know of at
least... well, maybe one thing... if you look at void init_descriptor in
comm.c, you'll find that they declare a variable of type struct hostent
in order to hold the host data that is returned from the gethostbyaddr
call to find their site name... if he's got his IP address set up to
return icky-type names for the domain name resolution, you can put in an
extra little piece of code to either search the returned domain name
string for ickies like you would do with an adult filter on web browsing
or file sharing, or you can try making the code check the returned
hostname against a reverse dns lookup and see if the returned IP address
matches the actual IP address... if this is actually a case of spoofing,
then let's saying his domain is showing yourmommasucks.com or something
like that, if you do a reverse lookup of that domain, it'll most likely
return NULL, in which case you could then just use his actual IP address
(whatever he's sending out anyway) as what displays in your sockets list
instead of the icky domain name... Try this:
In void init_descriptor, you should have an if statement that calls
getpeername, and then branches off to an else statement below... in that
else statement you should have something similar to the following:
int addr;
addr = ntohl( sock.sin_addr.s_addr );
sprintf( buf, "%d.%d.%d.%d",
( addr >> 24 ) & 0xFF, ( addr >> 16 ) & 0xFF,
( addr >> 8 ) & 0xFF, ( addr ) & 0xFF
);
from = gethostbyaddr( (char *) &sock.sin_addr,
sizeof(sock.sin_addr), AF_INET );
sprintf( log_buf, "Sock.sinaddr: %s (%s)", buf, from ?
from->h_name : "Unknown Hostname");
log_string( log_buf );
wiznet( log_buf, NULL, NULL, WIZ_LINKS, 0, 0 );
dnew->host = str_dup( from ? from->h_name : buf );
Now, under the first line there, the int addr, add this:
struct hostent *reverse;
char **p = NULL;
Then, under the "from = gethostbyaddr", put this:
if ( from && ( ( reverse = gethostbyname( from->h_name ) ) !=
NULL )
{
p = reverse->h_addr_list;
if ( bcmp ( *p, &sock.sin_addr, (size_t) reverse->h_length )
)
from->h_name = str_dup(buf);
}
All this does is check to see if it got any info from the gethostbyaddr
call, and if it did, it does a reverse lookup on the hostname info from
it... if that reverse lookup doesn't come back NULL, it does a byte
compare on the address portions of the 2 variables, and if they're
different, it sets from->h_name = buf, which is just the numeric IP
address, and that is what should show up in your sockets list instead of
the icky domain name that he spoofed... hope this helps...
Richard Lindsey
-----Original Message-----
From: Joseph Dale [mailto:[EMAIL PROTECTED]
Sent: Monday, March 01, 2004 12:25 PM
To: [email protected]
Subject: IP addies
How do you keep from having people spoof thier IP addies on your mud.
We have a user who has been using some DNS server and a firewall of some
sort and spoofing his IP to real obscene things.
We would like to try and wipe out these spoofed IP addies if possible.
Any help including code snippets where appropriate would be useful.
Thanks
Joe
--
ROM mailing list
[email protected]
http://www.rom.org/cgi-bin/mailman/listinfo/rom
