Solved

C#  RemoteIPEndPoint IPAddress List ???

Posted on 2004-09-22
Last Modified: 2008-01-09
Generally, the code reads like this to accept UDP data from any IP and any Port source.

RemoteIpEndPoint = new IPEndPoint(IPAddress.Any, 0);

Q. How can I specify a list of IPs???
Question by:kvnsdr
12 Comments
 
LVL 10

Assisted Solution

by:eternal_21
eternal_21 earned 71 total points
ID: 12128781
You cannot use the System.Net.IPAddress class to specify an arbitrary 'list of IPs.'  What is it exactly you are trying to do?
0
 
LVL 1

Author Comment

by:kvnsdr
ID: 12129478
I have a UDP syslog receiver and I'm attempting to allow or disallow certain IPs from accessing my port.........
0
 
LVL 18

Assisted Solution

by:armoghan
armoghan earned 71 total points
ID: 12129862
I think, with endPoint you can give either one address or any.
You can reject a connection afterwards by checking the IP?
0
 
LVL 19

Assisted Solution

by:drichards
drichards earned 358 total points
ID: 12130241
With the .NET IP functions, the best you can do is have your program filter out packets from "bad" sources.  The API does not give you a way to receive from only selected sources.  You will need to use ReceiveFrom to get the source IP info and filter accordingly.
0
 
LVL 1

Author Comment

by:kvnsdr
ID: 12133296
drichards:

   Here is the code (MSDN web site) I'm currently using.

Q. Can you modify the following code using 'ReceiveFrom' as you've mentioned?

// Listen for syslog datagrams on UDP port 514
int servPort = 514;
UdpClient server = new UdpClient(servPort);
// Receive() overwrites this with the sender's address and port
IPEndPoint RemoteIpEndPoint = new IPEndPoint(IPAddress.Any, 0);
Byte[] receivedBytes = server.Receive(ref RemoteIpEndPoint);
string str = System.Text.Encoding.ASCII.GetString(receivedBytes);
 
0
 
LVL 19

Assisted Solution

by:drichards
drichards earned 358 total points
ID: 12134288
If you're using UdpClient (I assume you are based on your code) rather than a Socket, then I think what you've got is correct.  The RemoteEndPoint should contain the IP/port of the source.  You can compare this to a list (shorter of acceptable/unacceptable addresses/ports) and either accept or reject the data accordingly.  The code you have looks OK.
0
 
LVL 1

Author Comment

by:kvnsdr
ID: 12135262

Q. Can you modify the following code using 'ReceiveFrom' as you've mentioned?

Q. Can you provide code to compare?
0
 
LVL 19

Assisted Solution

by:drichards
drichards earned 358 total points
ID: 12135703
Here's how to do ReceiveFrom on a Socket - it's the same as doing Receive on a UdpClient:

            System.Net.Sockets.Socket s = new System.Net.Sockets.Socket(System.Net.Sockets.AddressFamily.InterNetwork,
                                                                        System.Net.Sockets.SocketType.Dgram,
                                                                        System.Net.Sockets.ProtocolType.Udp);
            int servPort = 514;
            // Bind to UDP port 514 on all local interfaces
            System.Net.IPEndPoint localEP = new System.Net.IPEndPoint(System.Net.IPAddress.Any, servPort);
            s.Bind(localEP);
            byte[] receivedBytes = new byte[2048];
            System.Net.IPEndPoint RemoteEndPoint = new System.Net.IPEndPoint(System.Net.IPAddress.Any, 0);
            System.Net.EndPoint rep = (System.Net.EndPoint)RemoteEndPoint;
            // ReceiveFrom returns the datagram length and stores the sender's endpoint in rep
            int received = s.ReceiveFrom(receivedBytes, ref rep);
            // Decode only the bytes actually received, not the whole 2048-byte buffer
            string str = System.Text.Encoding.ASCII.GetString(receivedBytes, 0, received);

RemoteEndPoint will have the address of the remote device after the ReceiveFrom returns, same as in UdpClient.Receive.
0
 
LVL 1

Author Comment

by:kvnsdr
ID: 12135893
My goal is to prevent unauthorized clients from sending UDP Syslog data to a particular server. So, I'm curious if some sort of light encryption may be enough. Then an unauthorized udp sent to the server would not be read......... Port blocking on a firewall usually accepts IP ranges, not a list of IPs...... I will continue to use UDP because it's a quick-n-dirty, connectionless protocol that works very well for syslog message transfers.

Q. Any suggestions???
0
 
LVL 19

Accepted Solution

by:
drichards earned 358 total points
ID: 12136228
What filtering criteria are you intending to use?  You have a couple of choices, and you'll need to figure out which one meets your needs.  If you are contemplating some form of encryption, then presumably your service is on some well-known port that you expect unwanted connections on.  Otherwise, simply having your client software would be sufficient.

What exactly is your scenario?

1) Do you expect data other than your app on the port?
2) Are you trying to protect against clients that have "gone bad"?  Meaning will you expect to have to block clients that were OK previously?
3) Will you be allowing everyone with a few exceptions or will you deny everyone with a few exceptions?
4) Do you want the client to be notified of rejection?

My thought is that you have the equivalent of a hosts.allow or hosts.deny file that your server looks at to determine who is legal.  Once your server receives the data, check the source address/port against the addresses in the file (which you read in at startup/reset) and accept/drop the packet accordingly.  The client will not know whether it was received.

Encryption just adds overhead and not much value.  How would you tell if a packet was good?  Even if this were easy, you'd have to decrypt to determine if the raw data is a message you care about.  You still have to receive the data and now you have to decrypt it too.  You're better off filtering by the address/port, I think.
0
 
LVL 1

Author Comment

by:kvnsdr
ID: 12137251
Yes, there are many reasons to disable client access. Sometimes it's simply for server testing purposes, cpu load concerns and so forth. My concerns are primarily people who port scan and send erroneous data to the syslog server. There's one in every crowd. Sending a message back to a 'bad' user is not necessary. In some cases it lets them know they got-your-goat so to speak, so I think ignoring certain IPs is the best solution. It would be nice if Microsoft would simply allow 'lists' of IPs......
0
 
LVL 19

Assisted Solution

by:drichards
drichards earned 358 total points
ID: 12137461
There is a packet filtering API (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/rras/rras/pf_filter_descriptor.asp) but then you're defining rules for the whole box, not just your app.  You'd have to use PInvoke or similar from C# as it's a native API.  Really, though, I don't think it's hard to implement your own list as long as it's your server app that's involved.  Read in the file at startup and accept only messages from those clients (or ignore only those clients).  You can set up a file watcher to check if the list file changes so you can reload the list.
0
