http://qs321.pair.com?node_id=396367


in reply to Re^2: Discriminating between local and remote IP's
in thread Discriminating between local and remote IP's

I would never trust any IP address in the private ranges. You might have someone elses network

You are assuming that the server has two NICs, one on a private LAN, and another on the Internet connections. This is a rare configuration. Also, it is fairly hard to determine which interface the connection came from. You can look at the incoming IP address. It isn't that reliable for scurity.

It is better to look at the remote IP address. This can be spoofed and isn't very good security. But if you are looking at the IP address for trust, you aren't interested in good security.

  • Comment on Re^3: Discriminating between local and remote IP's

Replies are listed 'Best First'.
Re^4: Discriminating between local and remote IP's
by traveler (Parson) on Oct 04, 2004 at 20:07 UTC
    While it is true that using IP addresses for trust is not good security, it is easy to find out on which IP a connection came in.
    getsockname SOCKET Returns the packed sockaddr address of this end of the SOCKET connection, in case you don't know the address because you have several different IPs that the connection might have come in on.
    HTH, --traveler