Solved

C#  RemoteIPEndPoint IPAddress List ???

Posted on 2004-09-22
Last Modified: 2008-01-09
Generally, the code reads like this to accept UDP data from any IP and any Port source.

RemoteIpEndPoint = new IPEndPoint(IPAddress.Any, 0);

Q. How can I specify a list of IPs???
0
Question by:kvnsdr
12 Comments
 
LVL 10

Assisted Solution

by:eternal_21
eternal_21 earned 71 total points
ID: 12128781
You cannot use the System.Net.IPAddress class to specify an arbitrary 'list of IPs.'  What is it exactly you are trying to do?
0
 
LVL 1

Author Comment

by:kvnsdr
ID: 12129478
I have a UDP syslog receiver and I'm attempting to allow or disallow certain IPs from accessing my port.........
0
 
LVL 18

Assisted Solution

by:armoghan
armoghan earned 71 total points
ID: 12129862
I think, with endPoint you can give either one address or any.
You can reject a connection afterwards by checking the IP?
0
 
LVL 19

Assisted Solution

by:drichards
drichards earned 358 total points
ID: 12130241
With the .NET IP functions, the best you can do is have your program filter out packets from "bad" sources.  The API does not give you a way to receive from only selected sources.  You will need to use ReceiveFrom to get the source IP info and filter accordingly.
0
 
LVL 1

Author Comment

by:kvnsdr
ID: 12133296
drichards:

   Here is the code (MSDN web site) I'm currently using.

Q. Can you modify the following code using 'ReceiveFrom' as you've mentioned?

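int servPort = 514;
UdpClient server = new UdpClient(servPort);
IPEndPoint RemoteIpEndPoint = new IPEndPoint(IPAddress.Any, 0);
// Receive blocks until a datagram arrives, then fills RemoteIpEndPoint with the sender's address and port
Byte[] receivedBytes = server.Receive(ref RemoteIpEndPoint);
string str = System.Text.Encoding.ASCII.GetString(receivedBytes);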
 
0
 
LVL 19

Assisted Solution

by:drichards
drichards earned 358 total points
ID: 12134288
If you're using UdpClient (I assume you are based on your code) rather than a Socket, then I think what you've got is correct.  The RemoteEndPoint should contain the IP/port of the source.  You can compare this to a list (shorter of acceptable/unacceptable addresses/ports) and either accept or reject the data accordingly.  The code you have looks OK.
0
 
LVL 1

Author Comment

by:kvnsdr
ID: 12135262

Q. Can you modify the following code using 'ReceiveFrom' as you've mentioned?

Q. Can you provide code to compare?
0
 
LVL 19

Assisted Solution

by:drichards
drichards earned 358 total points
ID: 12135703
Here's how to do ReceiveFrom on a Socket - it's the same as doing Receive on a UdpClient:

            System.Net.Sockets.Socket s = new System.Net.Sockets.Socket(System.Net.Sockets.AddressFamily.InterNetwork,
                                                                        System.Net.Sockets.SocketType.Dgram,
                                                                        System.Net.Sockets.ProtocolType.Udp);
            int servPort = 514;
            System.Net.IPEndPoint localEP = new System.Net.IPEndPoint(System.Net.IPAddress.Any, servPort);
            s.Bind(localEP);
            byte[] receivedBytes = new byte[2048];
            System.Net.IPEndPoint RemoteEndPoint = new System.Net.IPEndPoint(System.Net.IPAddress.Any, 0);
            System.Net.EndPoint rep = (System.Net.EndPoint)RemoteEndPoint;
            // ReceiveFrom returns the number of bytes read and stores the sender's endpoint in rep
            int received = s.ReceiveFrom(receivedBytes, ref rep);
            // Decode only the bytes actually received, not the whole 2048-byte buffer
            string str = System.Text.Encoding.ASCII.GetString(receivedBytes, 0, received);

RemoteEndPoint will have the address of the remote device after the ReceiveFrom returns, same as in UdpClient.Receive.
0
 
LVL 1

Author Comment

by:kvnsdr
ID: 12135893
My goal is to prevent unauthorized clients from sending UDP Syslog data to a particular server. So, I'm curious if some sort of light encryption may be enough. Then an unauthorized udp sent to the server would not be read......... Port blocking on a firewall usually accepts IP ranges, not a list of IPs...... I will continue to use UDP because it's a quick-n-dirty, connectionless protocol that works very well for syslog message transfers.

Q. Any suggestions???
0
 
LVL 19

Accepted Solution

by:drichards
drichards earned 358 total points
ID: 12136228
What filtering criteria are you intending to use?  You have a couple of choices, and you'll need to figure out which one meets your needs.  If you are contemplating some form of encryption, then presumably your service is on some well-known port that you expect unwanted connections on.  Otherwise, simply having your client software would be sufficient.

What exactly is your scenario?

1) Do you expect data other than your app on the port?
2) Are you trying to protect against clients that have "gone bad"?  Meaning will you expect to have to block clients that were OK previously?
3) Will you be allowing everyone with a few exceptions or will you deny everyone with a few exceptions?
4) Do you want the client to be notified of rejection?

My thought is that you have the equivalent of a hosts.allow or hosts.deny file that your server looks at to determine who is legal.  Once your server receives the data, check the source address/port against the addresses in the file (which you read in at startup/reset) and accept/drop the packet accordingly.  The client will not know whether it was received.

Encryption just adds overhead and not much value.  How would you tell if a packet was good?  Even if this were easy, you'd have to decrypt to determine if the raw data is a message you care about.  You still have to receive the data and now you have to decrypt it too.  You're better off filtering by the address/port, I think.
0
 
LVL 1

Author Comment

by:kvnsdr
ID: 12137251
Yes, there are many reasons to disable client access. Sometimes it's simply for server testing purposes, cpu load concerns and so forth. My concerns are primarily people who port scan and send erroneous data to the syslog server. There's one in every crowd. Sending a message back to a 'bad' user is not necessary. In some cases it lets them know they got-your-goat so to speak, so I think ignoring certain IPs is the best solution. It would be nice if Microsoft would simply allow 'lists' of IPs......
0
 
LVL 19

Assisted Solution

by:drichards
drichards earned 358 total points
ID: 12137461
There is a packet filtering API (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/rras/rras/pf_filter_descriptor.asp) but then you're defining rules for the whole box, not just your app.  You'd have to use PInvoke or similar from C# as it's a native API.  Really, though, I don't think it's hard to implement your own list as long as it's your server app that's involved.  Read in the file at startup and accept only messages from those clients (or ignore only those clients).  You can set up a file watcher to check if the list file changes so you can reload the list.
0
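
The allow-list approach described in the answers above (read a list file at startup, compare each datagram's source address, reload when the file changes), as an added example that is not code from the thread. The file name `syslog.allow`, its one-address-per-line format, the constructed sample entries and the class and method names are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Net;
using System.Net.Sockets;
using System.Text;

class SyslogAllowList   // hypothetical name, not from the thread
{
    // Replaced as a whole on reload, so the receive loop never sees a half-built list.
    static volatile HashSet<IPAddress> allowed = new HashSet<IPAddress>();

    // One address per line; '#' starts a comment; unparsable entries are skipped.
    static HashSet<IPAddress> Load(string path)
    {
        var set = new HashSet<IPAddress>();
        foreach (string raw in File.ReadAllLines(path))
        {
            string line = raw.Split('#')[0].Trim();
            if (line.Length > 0 && IPAddress.TryParse(line, out IPAddress ip))
                set.Add(ip);
        }
        return set;
    }

    static void Main(string[] args)
    {
        string listPath = Path.GetFullPath(args.Length > 0 ? args[0] : "syslog.allow");
        if (!File.Exists(listPath))   // constructed sample list so the example runs as-is
            File.WriteAllLines(listPath, new[] { "# allowed syslog senders", "127.0.0.1", "192.0.2.10" });
        allowed = Load(listPath);

        // Reload on edit; if the file is still locked by the editor, keep the old list.
        var watcher = new FileSystemWatcher(Path.GetDirectoryName(listPath), Path.GetFileName(listPath));
        watcher.Changed += (s, e) => { try { allowed = Load(listPath); } catch (IOException) { } };
        watcher.EnableRaisingEvents = true;

        using (var server = new UdpClient(514))
        {
            var remote = new IPEndPoint(IPAddress.Any, 0);
            while (true)
            {
                byte[] data = server.Receive(ref remote);        // remote now holds the sender
                if (!allowed.Contains(remote.Address)) continue; // drop silently, send no reply
                Console.WriteLine("{0}: {1}", remote.Address, Encoding.ASCII.GetString(data));
            }
        }
    }
}
```

UDP source addresses are not authenticated and can be forged, so a list like this cuts noise from unwanted senders rather than proving who sent a message.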
