dannyb785 Posted August 2, 2008 Share Posted August 2, 2008 Ok, so I have my client's site setup so that if the ip you are showing(whether spoofed or not) doesn't fit proper ip pattern(4 separate numbers either 2 or 3 digits separated by periods), it will redirect you somewhere else. My question is, since anyone can spoof their ip to be any of millions of ips that fit the pattern, is there a way I can check that the ip the user is giving me is a valid ip(that pertains to a valid computer). Because if I did an ip lookup of 111.111.11.11 I'm positive it'd give me no results. So I'd like a way to check that the ip I am being shown is the real ip for a real computer and not just made up to fit the pattern Link to comment https://forums.phpfreaks.com/topic/117803-way-to-validate-an-ip/ Share on other sites More sharing options...
ratcateme Posted August 2, 2008 Share Posted August 2, 2008 where are you getting the ip form. what is wrong with $_SERVER['REMOTE_ADDR'] or is it possiable to spoof that Scott. Link to comment https://forums.phpfreaks.com/topic/117803-way-to-validate-an-ip/#findComment-605924 Share on other sites More sharing options...
bretticus Posted August 2, 2008 Share Posted August 2, 2008 What would be the point of spoofing an ip for an http transaction? For example, if I were able to make a request originating from, let's say, 192.168.1.1, I'll NEVER get the response. Pointless! Also, why two or three digits? Surely, some public address out there has single digits in an octet. What are you trying to accomplish with the redirect? Link to comment https://forums.phpfreaks.com/topic/117803-way-to-validate-an-ip/#findComment-605939 Share on other sites More sharing options...
dannyb785 Posted August 2, 2008 Author Share Posted August 2, 2008 What would be the point of spoofing an ip for an http transaction? For example, if I were able to make a request originating from, let's say, 192.168.1.1, I'll NEVER get the response. Pointless! Also, why two or three digits? Surely, some public address out there has single digits in an octet. What are you trying to accomplish with the redirect? Why are you asking my why I want to do this? I have my reasons. If you don't have an answer, why even post? edit: you did have a point with single digits. I adjusted my validator to allow single digits in the ip. Link to comment https://forums.phpfreaks.com/topic/117803-way-to-validate-an-ip/#findComment-605951 Share on other sites More sharing options...
dannyb785 Posted August 2, 2008 Author Share Posted August 2, 2008 where are you getting the ip form. what is wrong with $_SERVER['REMOTE_ADDR'] or is it possiable to spoof that Scott. google 'ip spoofing' Link to comment https://forums.phpfreaks.com/topic/117803-way-to-validate-an-ip/#findComment-605953 Share on other sites More sharing options...
unkwntech Posted August 2, 2008 Share Posted August 2, 2008 You could exec/passthru a ping but this could also be spoofed because I could tell you that my ip is 127.0.0.1 (localhost) and that will always work. So in reality the answer to your question is no. Link to comment https://forums.phpfreaks.com/topic/117803-way-to-validate-an-ip/#findComment-605955 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.