TCP Server Issues/Questions

[Mason]

I am finally spending a little time off WoW and finishing my program that I have been promising others and procrastinating on. There is a certain feature I would like to implement, and I have no earthly idea if it can be done with AutoIt, and if it can, no idea how.

Now, in the servers TCPListen() stage, before I accept connections, can I check their IP first? Once I validate the IP then I want to accept them, and then I want to move through my main loop.

What is happening is, on my CompleteControl program, there will be 4-5 users(depending on how many computer it is set on) that will attempt to connect to you once you run it. I want to be able to look at their IPs, put them in a list, and let the user choose which they want to allow to connect.

[themax90]

Check on the Beta Server 0.8.au3 script on the autoit its website forum. Also here is SocketToIp which can be written to an ini and checked later.

Run this function with a connected socket.

Func SocketToIp($Socket)
    Local $SocketAddress = DllStructCreate("short;ushort;uint;char[8]")
    Local $Ip = DllCall("Ws2_32.dll", "int", "getpeername", "int", $Socket, "ptr", DllStructGetPtr($SocketAddress), "int_ptr",    DllStructGetSize($SocketAddress))
    If Not @error And $Ip[0] = 0 Then
        $Ip = DllCall("Ws2_32.dll", "str", "inet_ntoa", "int", DllStructGetData($SocketAddress, 3))
        If Not @error Then $Ip = $Ip[0]
    Else
        $Ip = 0
    EndIf
    DllStructDelete($SocketAddress)
    Return $Ip
EndFunc ;==>SocketToIp

Cheers,

AutoIt Smith

Edited December 6, 2005 by AutoIt Smith

[Mason]

I am trying to download it, but it requires me to register, and it doesn't want to send me the activation email.

Maybe you could PM me the code?

[themax90]

http://www.autoitscript.com/fileman/users/AutoIt%20ITS/Chat%20Client/

Edited December 6, 2005 by AutoIt Smith

[Mason]

Dim $Socket[5]
Dim $SocketNames[5] 
$ConnectedSocket = TCPListen("127.0.0.1", 1234, 5)
    If $ConnectedSocket = -1 Then
        MsgBox(0, "Error", "Could not connect to the client!")
    Else
        For $i = 0 to 4 Step 1
            $Socket[$i] = TCPAccept($ConnectedSocket)
            If $Socket[0] = -1 Then 
                MsgBox(0, "Error", "Couldn't connect to any client!")
                return 0
            EndIf
            If $Socket[$i] = -1 Then
                ExitLoop
            Else
                $SocketNames[$i] = SocketToIp($socket[$i])
            EndIf
        Next
        CreateConnectionGUI()
    EndIf

So SocketNames should have all of the IPs that connect and then I can close the sockets of the clients that I don't want? Or am I implementing that complete wrong =/

Edited December 6, 2005 by Mason

[themax90]

Perhaps

Local $ConcIp
Local $Conc = TCPAccept($MainSocket)
If $Conc <> -1 Then $ConcIp = SocketToIp($Conc)
If IniRead("Ini.ini", "Ban", $ConcIp, -1) = -1 Then AllowConc($ConcIp, $Conc)

There is a problem with ip addresses because they can be dynamic and spoofed. So I am generating a Unique Id for my server/client project. Here is the beta code:

; ----------------------------------------------------------------------------
; AutoIt Version: 3.1.1.92
; Author:       Max Gardner(AutoIt Smith;king.of.all@comcast.net)
; Script Function:
;   Computer Unique Identification Number Creator
; ----------------------------------------------------------------------------
#Include <String.au3>
#Include <File.au3>
CreateUID()
Func CreateUID()
   Local $MainDrive = StringSplit(@WindowsDir, "\")
   $MainDrive = $MainDrive[1] & "\"
   Local $AutoExec = FileGetTime($MainDrive & "AUTOEXEC.BAT", 1, 1)
   Local $PageFile = FileGetTime($MainDrive & "pagefile.sys", 1, 1)
   Local $Pw = GenerateAuthID()
   MsgBox(0, $MainDrive, _StringEncrypt(1, $AutoExec & $PageFile, $Pw))
EndFunc
Func GenerateAuthID()
   Local $Lines = _FileCountLines(@ScriptFullPath)
   $ID = _StringToHex(@AutoItVersion & @Compiled & @ScriptLineNumber & $Lines)
   Return $ID
EndFunc

If you do use any of my functions then please keep my name on them

Also, i only use SocketToIp to log things, if someone abuses my server, then I can alert the company of the user before it happens and they can check there logs and locate that user. Otherwise I do not use SocketToIp.

Cheers,

AutoIt Smith

Edited December 6, 2005 by AutoIt Smith

[Mason]

The problem with that is, in CompleteControl a client constantly tries to connect to the server. So even if I dropped their connection your way, there is a good chance that it will be there again once I try to check TCPAccept for a different IP.

Is there a way to accept all the clients wanting to connect at once, then check their IP, and drop the ones I don't want? I thought mine did that above, but apparently something is wrong with it.

Edited December 6, 2005 by Mason

[themax90]

Have the client generate the ID and send it upon connection. Then you log it . If there is a certain computer you do not want, then put it in the ini.

[Greenseed]

i understand completely your probleme! and there is a my knowlege no method to bypass this probleme! im working on a method that we can use to bypass this probleme! not the probleme of checking the ip of a client before is connected but to minimize attack on not welcome client who have bean TCPaccepted

a simple solution for TCP function work more secure it to make the Socket number returned by a tcp accept function available to the whole system

then you have a script just for that accept connection and after send socket to another process!

then if you are attacked only the portail will be under attack the server will continue to respond to other client normaly.

maybe in futer version of autoit!

anyway when my solution is tested i will publish the code!

P.S. i found a solution working with NC.exe. NC is a port and ip fowarder and more, working in RAW mode!

with this i say to my client connect to 205.151.69.200:8001

i have NC lisening on port 8001. If the ip adress of the client connected is in the list then NC.exe foward the connection to 192.168.0.1:5001 Because my server lisen on a private adress no one who have not be redirected by nc will be able to attack the server!

when NC caputure the connection ON 205.151.69.200:8001 it route it where i tell him!

if you use NC to solve your solution i sugest you don't use the server console option! it can be really dangerous! i send you the help file for nc but not the file because i don't know if i can!

it can be easely found on the net! check for Netcat or NC, it originated from Unix platforme!

ho! and NC is working in raw mode! then no firewall are able to blockit! because your firewall will open certanly the port 53 and 80 for web browsing NC can lisent on that same port even if another application is using it!

so be prudent!

and i don't think this is the best idea i love more the idea of Autoit Smith. because i don't think you can realese something working with NC to the public usage! NC it know to be a tool for hacker. then some antivirus will not tolerate him! not all but some!

i edited the post because i found maybe a tool that is easy to configure it is port redirector the url is:

http://www.softpedia.com/get/Network-Tools...ortTunnel.shtml

i hope this help bye bye

Edited December 6, 2005 by Greenseed

[Mason]

expandcollapse popup

Dim $Socket
Dim $SocketNames[5]

Func NewConnection()
    Local $i = 0
    Do
        $ConnectedSocket = TCPListen("127.0.0.1", 1234, 5)
        $Socket = TCPAccept($ConnectedSocket)
        If $Socket <> -1 Then
            $SocketNames[$i] = SocketToIp($Socket)
            TCPSend($Socket, "end")
            TCPCloseSocket($socket)
        EndIf
        $i = $i + 1
    Until $Socket = -1
    If $SocketNames[0] <> "" Then
            CreateConnectionGUI()
    Else
        MsgBox(0, "Error", "No connections are able to be established!")
    EndIf
EndFunc

Func CreateConnectionGUI()
    Dim $RADIOCONTROLS[5]
    $CONNECTIONGUI = GuiCreate("Active Connections", 200, 300, 150, 150, 0, 0, $maingui)
    $OKButton = GUICtrlCreateButton("OK", 30, 215, 50, 25)
    $cancelbutton = GUICtrlCreateButton("Cancel", 120, 215, 50, 25)
    For $i = 0 To 4 Step 1
        If $SocketNames[$i] <> "" Then
            $RADIOCONTROLS[$i] = GUICtrlCreateRadio($SocketNames[$i], 10, ($i+1) * 50)
        EndIf
    Next
    GUICtrlSetState($RADIOCONTROLS[0], $GUI_CHECKED)
    GUISetState(@SW_SHOW)
    While 1
        $msg2 = GUIGetMsg()
        If $msg2 = $GUI_EVENT_CLOSE Then
            GUIDelete($CONNECTIONGUI)
            ExitLoop
        ElseIf $msg2 = $cancelbutton Then
            GUIDelete($CONNECTIONGUI)
            ExitLoop
        ElseIf $msg2 = $okbutton Then
            For $s = 0 To 4 Step 1
                If GUICtrlGetState($RADIOCONTROLS[$s]) = $GUI_CHECKED Then
                    Do
                        $ConnectedSocket = TCPListen("127.0.0.1", 1234, 5)
                        $Socket = TCPAccept($ConnectedSocket)
                        If SocketToIp($Socket) = $SocketNames[$s] Then
                            GUICtrlSetState($FileConnection, $GUI_DISABLE)
                            GUICtrlSetState($FileDisconnect, $GUI_ENABLE)
                            $isConnected = TRUE
                            MsgBox(0, "Success", "Successfully connected to client!")
                        Else
                            TCPSend($Socket, "end")
                            TCPCloseSocket($socket)
                        EndIf
                    Until $Socket = -1
                EndIf
            Next
        EndIf
    WEnd
EndFunc

This is a snippet of what I have done. It basicly grabs all of the connections trying to be established, accepts them, grabs the ip, then disconnects them. It then opens up the GUI showing you all of the IPs that tried to connect, you pick the radio to the one you want to connect to, and then you connect to them.

Everything works up to the radio part. The ips show with the radios, but once you press OK to try to establish a connection nothing happens. Got any ideas.

*Note this is only a snippet of CompleteControl...the source code has become quite large and could become inconvenient for posting it fully. If you do indeed need the full source code to spot the problem(which I wouldn't assume so) then just tell me, and I will be happy to post both the client/server.

[Mason]

Bump.