I am running SMF 2.0.2 and have added a single IP ban for "220.250.58.*"
This seems to work. However, looking at the ban log other IP's are banned as well:
119.6.72.131 Today at 08:19:16 AM
114.79.129.6 Today at 08:19:06 AM
220.250.58.171 Today at 08:19:02 AM
220.250.58.170 Today at 07:48:52 AM
220.250.58.172 Today at 06:42:23 AM
129.219.36.184 Today at 06:04:12 AM
220.250.58.170 Today at 06:04:10 AM
122.144.3.198 Today at 06:01:54 AM
125.39.66.151 Today at 06:01:32 AM
220.250.58.172 Today at 06:01:07 AM
41.73.2.36 Today at 05:02:02 AM
220.250.58.171 Today at 05:02:00 AM
221.7.215.248 Today at 12:55:29 AM
221.7.215.248 Today at 12:54:34 AM
220.250.58.170 Today at 12:54:32 AM
220.250.58.172 Today at 12:44:37 AM
Why are these other IP's triggering this ban?
TIA for any insight into this. I don't want to be banning other people.
- Phil
Do you have any mod installed? Any anti-spam mod?
Obvious question: are you sure you don't have any other trigger in any other ban?
I have no mods installed.
No other triggers are set. This is my first ban and I only entered this single IP.
If it helps, here is one of the log entries:
Guest
119.6.72.131
Today at 08:19:16 AM
0a772f3101e4d0ec0d30f8e6b1b6f192
Type of error: User
http://u88.n24.queensu.ca/exiftool/forum/index.php?action=registerSorry Guest, you are banned from using this forum!
spam
This ban is not set to expire.
And here is the ban entry:
Banned entity Hits Actions
IP: 220.250.58.* 48 Modify
[Add ban trigger]
Edit: For now I have changed this ban to trigger on the individual IP's 220.250.58.170, 220.250.58.171 and 220.250.58.172. We'll see how this goes.
The ban check is performed on both: $_SERVER['REMOTE_ADDR'] and $_SERVER['BAN_CHECK_IP'] (that can be $_SERVER['REMOTE_ADDR'] or $_SERVER['HTTP_CLIENT_IP'] or something slightly different.
It may be that the user has the second one set to an IP included in the range of banned IPs, wihle the first one (REMOTE_ADDR) set to 119.6.72.131 for example.
Thanks. This hidden IP could definitely explain the behaviour that I am seeing.
I'm happy as long as you think that I'm not banning good IP's.
Physically, what is the difference between the REMOTE_ADDR and the HTTP_CLIENT_IP?
- Phil
In a sentence: HTTP_CLIENT_IP (and HTTP_X_FORWARDED_FOR, I forgot to mention that ban_check could be that too) is something provided by the "browser", while REMOTE_ADDR by the server.
I am also running 2.0.2 and was just logging in here to report the same issue, so I figured I would add to this thread.
I have many ban triggers, but at least one isn't working.
I had a ban set to block 189.96-127.*.* and I had a user at 189.5.x.x that wasn't allowed to login unless he used a proxy. After removing the 189.96-127.*.* ban he was able to get through just fine. Now, I suppose it is possible that there is the multiple IP thing going on that emanuele mentioned, but I wanted to make sure.
Closing old 2.0 bugs - 2.0 is in security fixes-only at this point.