This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Java in General and the fly likes Blocking IP addresseses Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Java in General
Bookmark "Blocking IP addresseses" Watch "Blocking IP addresseses" New topic
Author

Blocking IP addresseses

john price
Ranch Hand

Joined: Feb 24, 2011
Posts: 495

I am building an Applet chat client. I have previously made this in an application. If a user got blocked (a mod could type special things in to kick them), they wouldn't be able to get on because of a file hidden in a location on the computer (in the applicatoin). I have an idea about how a mod could kick someone in the applet... When the application starts, it sends the IP address to the server. If the IP address is not in a location (a txt file on the server or in some kind of list), it passes and allows it to access the data. If the IP address matches another IP address in the file and/or list, it does not allow it to go from there. When the logged in user (they are logged in or out through the IP address check), they will try to send messages. When they send a message, it will send an IP address in the front. The server will then parse that IP address to make sure it is okay (compare values, etc). I have some questions :
What would be better, a file, list, or both to compare against IP values? If I go with both, should I load/unload the file at certain times (through a timer)?
How do I parse IP addresses? They are not always "xxx.xxx.xxx.xxx". Sometimes they are "xx.xxx.xxx.xxx" or another. Do I just parse/tokenise the output for the 3rd period (have the client add a period after that so I could have a valid IP address each time (ie. "#.#.#.#. + Message" Parse 4th period, compare against list/file, send message to clients or not accept)?
What if someone made their own client and could enter in their own IP addresses, so that they could get one message per IP address? Ie. Make a program to where you could type in xxx.xxx.xxx.xxx. Then, they could make up IP addresses and have full access for each IP address...
Thanks,
cc11rocks

EDIT (clarification) : For the self-made client... make a program that automatically comes up with random digits under 255 for four numbers. They parse those numbers into a fake IP address. Then they put their message right after. They would then have access to the server because that IP isn't in the system. Should I add a passcode to the beginning of the String (String + IP + message)? Should I have the string change (synchronized on timers between client & server)? What is the solution?


“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” (Mosher's Law of Software Engineering)
“If debugging is the process of removing bugs, then programming must be the process of putting them in.” (Edsger Dijkstra)
john price
Ranch Hand

Joined: Feb 24, 2011
Posts: 495

Thanks for the help guys!
Anyway, fixed this problem by doing a "socket.getRemoteAddress()". Then, I take that address and shave off the end (it's a dynamic port number or something). I take the base address, which looks something like this : "/xx.xxx.xxx.xxx". Then, I compare that to an ArrayList of Strings. If the IP string matches any strings in that ArrayList, it ignores the input. A mod (me) on the hosting Server can add Strings to the ArrayList through a GUI (the mod, me, can monitor all incoming information). In the GUI, I can also remove Strings from the ArrayList, restoring access to that IP address...
This is a MUCH, MUCH, MUCH better security system than I had on my previous client, were most of the security information was on the client. All the security and filters will now be moved to the server (on my new program).
Please help me in my posts,
cc11rocks
Rob Spoor
Sheriff

Joined: Oct 27, 2005
Posts: 19649
    
  18

venkatesh Nunna,
Your post was moved to a new topic.


SCJP 1.4 - SCJP 6 - SCWCD 5 - OCEEJBD 6
How To Ask Questions How To Answer Questions
 
jQuery in Action, 2nd edition
 
subject: Blocking IP addresseses
 
Similar Threads
Server pushing events to Applet
finding the server
bulk mail and bulk sms
Chat Programming.
directly access a web service without localhost:8080/ProjectName/service/Webservice