How to block the real IP rather than an entire proxy?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
My question is about blocking IPs from my network. It's a piece of cake to
block static IPs. But there are times when someone sitting behind a proxy
whos IP doesn't change, but the proxy in which he is accessing us does.
There's no way I can figure out how to keep these people out. For example;
Apache only shows the IP of the visitor and not the real IP of the visitor.
Here's an example of what I mean using environment variables:
$ENV{'REMOTE_ADDR'};
One might believe this is the IP of the visitor. But...
$ENV{'HTTP_X_FORWARDED_FOR'}
if the above is present it is most likely the true IP of the visitor and the
"REMOTE_ADDR" is just the proxy in which they are accessing the Net with.
$ENV{'HTTP_CLIENT_IP'}
Which you may need to deal with as well.
So how can I block a visitor who is jumping around through proxies? I don't
want to block out the proxy as this could ultimately block out all AOL users
for example.
Thanks!
John
_________________________________________________________________
STOP MORE SPAM with the new MSN 8 and get 2 months FREE*
http://join.msn.com/?page=features/junkmail
[Index of Archives]
[Linux Netfilter Development]
[Linux Kernel Networking Development]
[Netem]
[Berkeley Packet Filter]
[Linux Kernel Development]
[Advanced Routing & Traffice Control]
[Bugtraq]
