I am running SMF 2.0.2 and have added a single IP ban for "220.250.58.*"
This seems to work. However, looking at the ban log other IP's are banned as well:
220.127.116.11 Today at 08:19:16 AM
18.104.22.168 Today at 08:19:06 AM
22.214.171.124 Today at 08:19:02 AM
126.96.36.199 Today at 07:48:52 AM
188.8.131.52 Today at 06:42:23 AM
184.108.40.206 Today at 06:04:12 AM
220.127.116.11 Today at 06:04:10 AM
18.104.22.168 Today at 06:01:54 AM
22.214.171.124 Today at 06:01:32 AM
126.96.36.199 Today at 06:01:07 AM
188.8.131.52 Today at 05:02:02 AM
184.108.40.206 Today at 05:02:00 AM
220.127.116.11 Today at 12:55:29 AM
18.104.22.168 Today at 12:54:34 AM
22.214.171.124 Today at 12:54:32 AM
126.96.36.199 Today at 12:44:37 AM
Why are these other IP's triggering this ban?
TIA for any insight into this. I don't want to be banning other people.
Do you have any mod installed? Any anti-spam mod?
Obvious question: are you sure you don't have any other trigger in any other ban?
I have no mods installed.
No other triggers are set. This is my first ban and I only entered this single IP.
If it helps, here is one of the log entries:
Today at 08:19:16 AM
Type of error: User
http://u88.n24.queensu.ca/exiftool/forum/index.php?action=registerSorry Guest, you are banned from using this forum!
This ban is not set to expire.
And here is the ban entry:
Banned entity Hits Actions
IP: 220.250.58.* 48 Modify
[Add ban trigger]
Edit: For now I have changed this ban to trigger on the individual IP's 188.8.131.52, 184.108.40.206 and 220.127.116.11. We'll see how this goes.
The ban check is performed on both: $_SERVER['REMOTE_ADDR'] and $_SERVER['BAN_CHECK_IP'] (that can be $_SERVER['REMOTE_ADDR'] or $_SERVER['HTTP_CLIENT_IP'] or something slightly different.
It may be that the user has the second one set to an IP included in the range of banned IPs, wihle the first one (REMOTE_ADDR) set to 18.104.22.168 for example.
Thanks. This hidden IP could definitely explain the behaviour that I am seeing.
I'm happy as long as you think that I'm not banning good IP's.
Physically, what is the difference between the REMOTE_ADDR and the HTTP_CLIENT_IP?
In a sentence: HTTP_CLIENT_IP (and HTTP_X_FORWARDED_FOR, I forgot to mention that ban_check could be that too) is something provided by the "browser", while REMOTE_ADDR by the server.
I am also running 2.0.2 and was just logging in here to report the same issue, so I figured I would add to this thread.
I have many ban triggers, but at least one isn't working.
I had a ban set to block 189.96-127.*.* and I had a user at 189.5.x.x that wasn't allowed to login unless he used a proxy. After removing the 189.96-127.*.* ban he was able to get through just fine. Now, I suppose it is possible that there is the multiple IP thing going on that emanuele mentioned, but I wanted to make sure.
Closing old 2.0 bugs - 2.0 is in security fixes-only at this point.