IP Logging Problem

[Spitfire]

I just installed SMF 1.0 RC1 to use as a replacement for my old YaBB SE powered board, and I've run into a peculiar problem with IP logging.

For some reason, the board logs all of the IP addresses (and shows them in the online users list) as the internal network IP address of my web server.  At first I thought this might have something to do with the fact that I registered all of the user accounts (and logged into them all) myself from the internal network, but even now that the users are logging into their accounts on their own, it is still showing this IP address for all of them.

Has anybody else had this problem, and does anyone have any ideas as to how I can make the forum identify them correctly by their true IP addresses?  IP logging is very important to me for security when authorizing new members, and also so that my ban list actually functions.  Thanks.

[[Unknown]]

What IP address?  127.0.0.1?

-[Unknown]

[Spitfire]

No, it shows 169.254.0.7 (the IP assigned to the server by my router) for all users, including a new account I registered from a friend's house earlier today.  I'm a bit confused as to why this is doing this, since all of my users are clearly not sitting down at the keyboard of the server and logging into the forum.

[[Unknown]]

Okay, I just found something.  Please open Sources/QueryString.php, and find:

$_SERVER['REMOTE_ADDR'] = trim($_SERVER['REMOTE_ADDR']);

Replace it with:

$_SERVER['REMOTE_ADDR'] = trim($ip);

Does that change anything? (post again and see what it says your IP is...)

-[Unknown]

[Spitfire]

Alright, I found the code and changed it, but it doesn't seem to affect the IP logging.  When I post now, it still show's the server IP in the post.

Is it possible that the SQL users and/or privileges are not set up correctly and are causing the problem?

[[Unknown]]

Okay, can you run the following script on there and tell me what it says?

Code Select Expand

<?php

echo '
Client IP: ', $_SERVER['HTTP_CLIENT_IP'], '<br />

Forwarded for: ', $_SERVER['HTTP_X_FORWARDED_FOR'], '<br />

Remote IP: ', $_SERVER['REMOTE_ADDR'];

?>

Are you using an internal network here?  Any proxy?

-[Unknown]

[Spitfire]

Not sure how you mean "run the script."  Insert it into the code somewhere, or put it in a standalone file and run it in the browser?

I'm not connecting using the internal network address.  No proxies either.  The server is, however, set up to use a DNS forwarding service from dyndns.org [nofollow] (no domain yet) to forward to the IP.

[[Unknown]]

Not sure how you mean "run the script."  Insert it into the code somewhere, or put it in a standalone file and run it in the browser?

Sorry, yes, I meant something like "upload this as iptest.php and then point your browser to http://mywebsite/iptest.php"...

I'm not connecting using the internal network address.  No proxies either.  The server is, however, set up to use a DNS forwarding service from dyndns.org (no domain yet) to forward to the IP.

I've used that service with SMF without issue... odd.

-[Unknown]

[Spitfire]

The script reports the following:

Client IP:
Forwarded for:
Remote IP: 169.254.0.7

Peculiar, since the only thing it reports back is the local address.  Could be that the server itself or router is somehow blocking the info... I did connect to run the script through the dyndns route as well, as if I were coming in from the outside.

[[Unknown]]

Hmmm.... can you try the following?

Code Select Expand

<?php

ob_start();
echo '<pre>';
ob_start('htmlspecialchars');

print_r($_SERVER);

?>
(I know, it's cheating .)

Does this have your IP *anywhere* on it?

You should be able to find your IP at:
http://www.whatismyip.org/

-[Unknown]

[Spitfire]

Sure thing... it does have my IP listed correctly for "HTTP_PC_REMOTE_ADDR" but then lists the local IP of the server again for "REMOTE_ADDR" and "SERVER_ADDR" (makes sense for the second one).

Random question here... does SMF require any ports other than the standard HTTP port 80 to be open on the router in order to function properly?

[[Unknown]]

Not that I can think of, no - unless Apache does.

Hmm... HTTP_PC_REMOTE_ADDR?  Weird.  How common is it?  Google only shows it 114 times .

Find, in Sources/QueryString.php:

Code Select Expand

if (!empty($_SERVER['HTTP_CLIENT_IP']) && preg_match('~^((0|10|172\.16|192\.168|255|127\.0)\.|unknown)~', $_SERVER['HTTP_CLIENT_IP']) == 0)
{
// Since they are in different blocks, it's probably reversed.
if (strtok($_SERVER['REMOTE_ADDR'], '.') != strtok($_SERVER['HTTP_CLIENT_IP'], '.'))
$_SERVER['REMOTE_ADDR'] = implode('.', array_reverse(explode('.', $_SERVER['HTTP_CLIENT_IP'])));
else
$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CLIENT_IP'];
}

And right below that:

Code Select Expand

elseif (!empty($_SERVER['HTTP_PC_REMOTE_ADDR']) && preg_match('~^((0|10|172\.16|192\.168|255|127\.0)\.|unknown)~', $_SERVER['HTTP_PC_REMOTE_ADDR']) == 0)
$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_PC_REMOTE_ADDR'];

You will need to make this modification if/when you upgrade, however, because it feels to "kludgey" in this situation to put in the distribution.  However, if you want, I am willing to create a modification package (automated install .) for you.... just respond, saying so, or I'll forget.

-[Unknown]

[Spitfire]

OK, I put in the extra code block and uploaded and the forum is logging IPs correctly now! 

Thanks much, now that that is working I can open the forum up for general use and feel confident in my security.  I'll definitely be upgrading when the final release comes out, since all the SMF betas I have used have met or exceeded my expectations, so an automated installer would be great.

Thanks again

[[Unknown]]

Please try this, and tell me if it doesn't work...

Just upload it to the Packages directory and then go to Admin -> Package Manager to install it.

Thanks,
-[Unknown]

[Spitfire]

Package manager doesn't see the files after I put them in the packages directory on the server.  I tried to upload it through the upload package function as well (both the tar file and the two files inside of it) and SMF responds that it doesn't support the file type. 

[[Unknown]]

It should be a tar.gz file.  You need to either upload that archive, or take the two files inside it and recompress them into, say, a .zip file and try that.

It will only list files that are valid packages....

-[Unknown]

[Spitfire]

Ah, you're right... makes sense now.  Stuffit automatically decompressed the .gz when I downloaded it.

[Spitfire]

Got it, and it installs properly and seems to work as it should.  Thanks again!