Bug Report

Remarkable number of SL edits apparently by 10.0.0.1 [#7196]

Back to forum

New reply

 
reply
PeterHB: Remarkable number of SL edits apparently by 10.0.0.1 (2019-02-09 20:49) [#11314]

I don't believe that all the recent edits apparently by 10.0.0.1 are really by the same person, the same organisation, or even from the same country.

[ext] https://senseis.xmp.net/?Movies By an anonymous person I think. Maybe Zach Gormley.

[ext] https://senseis.xmp.net/?diff=TheEndgameTheBook%2FReviewByRobertJasiek&new=16 By Robert Jasiek.

[ext] https://senseis.xmp.net/?diff=UtahGoClubs&new=84 By Zach Gormley

[ext] https://senseis.xmp.net/?info=BasicKoRule By PJTraill

I have noticed 10.0.0.1 at least once on the blocked sites list due to overload.

10.x.x.x addresses are private ipv4 addresses, non-routable on the public internet. The internal addresses for a large organisation, similar to the 192.168.x.x addresses for home networks. So my instinctive first thought is that it shouldn't be appearing at all as a vistor's ip address. This should be the routable ip address of their internet facing router. As this has only started occurring recently, I think it could be related to SL's recent move to a new server on 2019-01-19.

reply
tapir: ((no subject)) (2019-02-10 14:05) [#11315]

I had at least one edit as 10.0.0.1 as well. This is a problem.

X
PeterHB: Re: ((no subject)) (2019-02-10 13:28) [#11316]

I agree, which is why I've raised it. If you look at the blocked list, you will see it is blocked today. This isn't the first time.

( I don't think the mechanism of IP address blocking should be discussed here online, as I don't want to give spammers hints on how to get round it. )

I have emailed Arno to draw his attention to this.

reply
ArnoHollosi: looking into this... (2019-02-10 14:33) [#11317]

I noticed this phenomenon after moving to the new server (10.0.0.0/8 being unroutable IP address space.) I think it is related to SL now being reachable over IPv6 and some odd behavior of the "what is the real visitor IP address" code in SL's engine.

I thought it's odd & nothing to worry about, but if we inadvertently block people that's no good. I'll dig into this and hopefully come up with a solution soonish.

@tapir: did this happen to you while you were logged in? (Because that definitely shouldn't happen...)

X
tapir: Re: looking into this... (2019-02-10 14:59) [#11318]

No, I wasn't logged in.

reply
ArnoHollosi: suggestions? (2019-02-10 17:49) [#11319]

So indeed, it has to do with IPv6: the code checks for IPv4 addresses and if the client's address does not look like one, it assigns "10.0.0.1". Don't ask :o)

So I have different ways forward now:

  • just use the routing prefix of IPv6 (i.e. the first 64 bits) like "2601:1601:d980:538a" (I prefer this variant)
  • show full IPv6 addresses like e.g. "2601:1601:d980:538a:a1e0:dabc:53ce:c184" (might be a bit long)
  • hide all IP addresses and use something like 'anonymous-1234' (much work...)
  • something else?

What's your opinion?

X
PeterHB: Re: suggestions? (2019-02-10 18:06) [#11320]

Yes, I think your suggestion of the routing prefix of IPv6 "2601:1601:d980:538a" looks good, so it gets my vote.

I've been googling ipv6 addressing, but haven't understood it, so there isn't much intellectual heft to my vote.

I think the "2601:1601:d980:538a" looks short enough to work in the wiki change logs without being unwieldy.

I don't like the suggestion of hide all IP addresses and use something like 'anonymous-1234'. That would just lead to a database cross-referencing the 'anonymous-1234' alias to the IPv6 address and then using that for blocking. Added complication with no benefit to my eyes.

ArnoHollosi: fixed (2019-02-10 18:58) [#11321]

Ok, I pushed the changes: just using the IPv6 routing prefix in case of IPv6 numbers. Let's see how it turns out :o)

PeterHB: Re: fixed (2019-02-10 22:30) [#11322]

Well, the first result is in.

[ext] https://senseis.xmp.net/?info=AmbiguousPlays

PJTraill* (2003:dd:df2f:6083:9308:aa87:da74:4b4b)

Longer than I was expecting. That is the full IPv6 address, rather than the routing prefix, I think.

(P.S. Thanks for reacting to do a quick fix. I'm sure this will do for now, letting you think about the consequences of the change. Better to stick with this for now rather than doing a late night change without the time to check how it is working. )

ArnoHollosi: Re: fixed (2019-02-12 14:03) [#11323]

Silly bug - should be prefix only now.

2003:00dd:df09:936e: Re: fixed (2019-03-19 15:20) [#11355]

I did not even realise my machine was using IPv6! Since I do not know much about these protocols I am not sure what is most sensible, and am happy to have someone else decide the best approach.

Of course the main point in the long run should be to be able to block the odd nuisance on IPv6; other than that I suspect that the IP address is of little interest to anyone or am I mistaken? Perhaps you want to collect statistics on where edits come from, then maybe they are more interesting.

2003:00dd:df09:936e: Re: fixed (2019-03-19 15:30) [#11356]

P.S. I forgot I was not logged in (because I am using MSWindows, where my set-up is incomplete) the preceding comment (and this) are, as one might surmise, from Patrick Traill.

ArnoHollosi: Re: choice of what to log (2019-03-21 21:01) [#11358]

Patrick, you are right: IP addresses as such are not very interesting. But it's an easy way to identify bad guys (with all caveats that come with associating a single person with an IP address.) I think the current solution has served SL well enough. I hardly get complaints about collateral damage, so I think it's ok.

reply
PeterHB: 10.0.0.3 on the automatic block list today (2019-02-14 21:58) [#11324]

This feels like an indicator that something is still slightly wrong.

X
ArnoHollosi: fixed (2019-02-15 09:30) [#11325]

This is getting embarrassing :o( Now the code is bug free -- or so, I hope...

PeterHB: Re: fixed (2019-02-17 16:30) [#11326]

Not quite over the line yet. 10.0.0.3 has appeared like the proverbial bad penny on the automatic block list today.

PeterHB: Re: fixed (2019-03-03 13:32) [#11340]

Looks like you've made it. I haven't seen 10.0.0.3 for a while now. ( "One swallow does not a summer make" - Aristotle )

PeterHB: Re: fixed (2019-03-19 11:25) [#11354]

I've seen a 10.0.0.3 on the blocked list today. ( Looks like Aristotle knew what he was talking about. )

So there is still a bug in the script.

ArnoHollosi: Re: fixed (2019-03-21 20:56) [#11357]

Peter, thanks for keeping an eye on this. Actually, 10.0.0.3 was used as a diagnostic code. I changed that now and instead just write a log entry.

 
Back to forum

New reply


[Welcome to Sensei's Library!]
RecentChanges
StartingPoints
About
RandomPage
Search position
Page history
Latest page diff
Partner sites:
Go Teaching Ladder
Goproblems.com
Login / Prefs
Tools
Sensei's Library