?
Solved

C#  RemoteIPEndPoint IPAddress List ???

Posted on 2004-09-22
12
Medium Priority
?
707 Views
Last Modified: 2008-01-09
Generaly, the code reads like this to accept UDP data from any IP and any Port source.

RemoteIpEndPoint = new IPEndPoint(IPAddress.Any, 0);

Q. How can I specify a list of IP's???
0
Comment
Question by:kvnsdr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
12 Comments
 
LVL 10

Assisted Solution

by:eternal_21
eternal_21 earned 213 total points
ID: 12128781
You cannot use the System.Net.IPAddress class to specifc an arbitrary 'list of IPs.'  What is it exactly you are trying to do?
0
 
LVL 1

Author Comment

by:kvnsdr
ID: 12129478
I have a UDP syslog reciever and I'm attempting to allow or disallow certain IP from accessing my port.........
0
 
LVL 18

Assisted Solution

by:armoghan
armoghan earned 213 total points
ID: 12129862
I think , with endPoint you can give either one address or any.
You can reject a connection after wards by checking teh IP ?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 19

Assisted Solution

by:drichards
drichards earned 1074 total points
ID: 12130241
With the .NET IP functions, the best you can do is have your program filter out packets from "bad" sources.  The API does not give you a way to receive from only selected sources.  You will need to use ReceiveFrom to get the source IP info and filter accordingly.
0
 
LVL 1

Author Comment

by:kvnsdr
ID: 12133296
drichards:

   Here is the code (MSDN web site) I'm currently using.

Q. Can you modify the following code using 'RecieveFrom' as you've mentioned?

int servPort = 514;
server = new UdpClient(servPort);
RemoteIpEndPoint = new IPEndPoint(IPAddress.Any, 0);
Byte[] receivedBytes = server.Receive(ref RemoteIpEndPoint);
str = System.Text.Encoding.ASCII.GetString(receivedBytes);
 
0
 
LVL 19

Assisted Solution

by:drichards
drichards earned 1074 total points
ID: 12134288
If you're using UdpClient (I assume you are based on your code) rather than a Socket, then I think what you've got is correct.  The RemoteEndPoint should contain the IP/port of the source.  You can compare this to a list (shorter of acceptable/unacceptable addresses/ports) and either accept or reject the data accordingly.  The code you have looks OK.
0
 
LVL 1

Author Comment

by:kvnsdr
ID: 12135262

Q. Can you modify the following code using 'RecieveFrom' as you've mentioned?

Q. Can you provide code to compare?
0
 
LVL 19

Assisted Solution

by:drichards
drichards earned 1074 total points
ID: 12135703
Here's how to do ReceiveFrom on a Socket - it's the same as doing Receive on a UdpClient:

            System.Net.Sockets.Socket s = new System.Net.Sockets.Socket(System.Net.Sockets.AddressFamily.InterNetwork,
                                                                        System.Net.Sockets.SocketType.Dgram,
                                                                        System.Net.Sockets.ProtocolType.Udp);
            int servPort = 514;
            System.Net.IPEndPoint localEP = new System.Net.IPEndPoint(System.Net.IPAddress.Any, servPort);
            s.Bind(localEP);
            byte[] receivedBytes = new byte[2048];
            System.Net.IPEndPoint RemoteEndPoint = new System.Net.IPEndPoint(System.Net.IPAddress.Any, 0);
            System.Net.EndPoint rep = (System.Net.EndPoint)RemoteEndPoint;
            s.ReceiveFrom(receivedBytes, ref rep);
            str = System.TextEncoding.ASCII.GetString(receivedBytes);

RemotEndPoint will have the address of the remote device after the ReceiveFrom returns, same as in UdpClient.Receive.
0
 
LVL 1

Author Comment

by:kvnsdr
ID: 12135893
 My goal is to prevent unauthorized clients from sending UDP Syslog data to a particular server. So, I'm currious if some sort of light encryption my be enough. Then an unauthorized udp sent to the server would not be read......... Port blocking on a firewall usally accepts IP ranges, not a list of IPs...... I will continue to use UDP because its a quick-n-dirty, connectionless protocol that works very well for syslog message transfers.

Q. Any suggestions???
0
 
LVL 19

Accepted Solution

by:
drichards earned 1074 total points
ID: 12136228
What filtering criteria are you intending to use?  You have a couple of choices, and you'll need to figure out which one meets your needs.  If you are contemplating some form of encryption, then presumably your service is on some well-known port that you expect unwanted connections on.  Otherwise, simply having your client software would be sufficient.

What exactly is your scenario?

1) Do you expect data other than your app on the port?
2) Are you trying to protect against clients that have "gone bad"?  Meaning will you expect to have to block clients that were OK previously?
3) Will you be allowing everyone with a few exceptions or will you deny everyone with a few exceptions?
4) Do you want the client to be notified of rejection?

My thought is that you have the equivalent of a hosts.allow or hosts.deny file that your server looks at to determine who is legal.  Once your server receives the data, check the source address/port against the addresses in the file (which you read in at startup/reset) and accept/drop the packet accordingly.  The client will not know whether it was received.

Encryption just adds overhead and not much value.  How would you tell if a packet was good?  Even if this were easy, you'd have to decrypt to determine if the raw data is a message you care about.  You still have to receive the data and now you have to decrypt it too.  You're better off filtering by the address/port, I think.
0
 
LVL 1

Author Comment

by:kvnsdr
ID: 12137251
Yes, there are many reasons to disable client access. Sometims it's simply for server testing purposes, cpu load concerns and so forth. My concerns are primarily people who port scan and send eroneous data to the syslog server. There's one in every crowd. Sending a message back to a 'bad' user is not neccessary. In some cases it lets them know they got-your-goat so to speak, so I think ignoring certain IPs is the best solution. It would be nice if Microsoft would simply allow 'lists' of IPs......
0
 
LVL 19

Assisted Solution

by:drichards
drichards earned 1074 total points
ID: 12137461
There is a packet filtering API (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/rras/rras/pf_filter_descriptor.asp) but then you're defining rules for the whole box, not just your app.  You'd have to use PInvoke or similar from C# as it's a native API.  Really, though, I don't think it's hard to implement your own list as long as it's your server app that's involved.  Read in the file at startup and accept only messages from those clients (or ignore only those clients).  You can set up a file watcher to check if the list file changes so you can reload the list.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In order to hide the "ugly" records selectors (triangles) in the rowheaders, here are some suggestions. Microsoft doesn't have a direct method/property to do it. You can only hide the rowheader column. First solution, the easy way The first sol…
We all know that functional code is the leg that any good program stands on when it comes right down to it, however, if your program lacks a good user interface your product may not have the appeal needed to keep your customers happy. This issue can…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Suggested Courses
Course of the Month13 days, 11 hours left to enroll

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question