• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Implemented Admin Control Panel - Search Users by IP

KozmoK

Active member
#1
I often have to track down people by IP, and I would like to search by IP address.

For Example: I have a script on cron that calculates how many SYN_RECV my server is getting, if over a certain threashold - it sends me an email so I can find out why they are trying to DDOS me, or if they are having connection issues. I'd like to know what user that is easily.

P.S. I didnt make the cron script picked it up years ago from somewhere.
syn_count=36
netstat -ntp
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 **.167.147.104:22 68.233.249.182:41360 SYN_RECV -
tcp 0 0 **.167.147.219:22 68.233.249.182:56191 SYN_RECV -
tcp 0 0 **.167.147.104:22 68.233.249.182:38350 SYN_RECV -
tcp 0 0 **.167.147.121:22 68.233.249.182:48540 SYN_RECV -
tcp 0 0 **.167.147.219:22 68.233.249.182:54686 SYN_RECV -
....
..
.
if anyone wants this cron script let me know.
 

DeltaHF

Well-known member
#3
Wow. I'm really disappointed to discover this isn't supported in XF, despite all the other excellent moderation controls found in the software. Is there even a way to view all of a user's IP addresses from their profile or the Admin CP? I can't seem to find anything in the demo... This sort of thing is extremely important when dealing with troublesome users, and as a large forum owner it's something my staff and I have to deal with on a daily basis.

Hopefully there will be improvements in this area with 1.1...
 
F

Floris

Guest
#4
XenForo stores the IP as longip (INT).

You can go to phpmyadmin and do a search for it.

disclaimer: this convert script is not written to be secure.. Just an example, use behind .htaccess or rewrite it to avoid exploiting.
dir: longip/ file: index.php
call with: index.php?ip=68.233.249.182
PHP:
<?php
if ($_REQUEST['ip']) {
$ip = htmlspecialchars($_REQUEST['ip'], ENT_QUOTES);
} else {
$ip = "127.0.0.1";
}
?>
<form action="index.php" method="get">
<div>
<label>IPv4 Address: </label>
<input type="text" name="ip" value="<?php echo $ip; ?>" />
<input type="submit" value="Convert to LongIP" />
</div>
</form>
<?php
$long = ip2long($ip);

if ($long == -1 || $long === FALSE) {
    echo "Invalid IP, please try again <br />";
} else {
    echo "Ipv4: $ip<br />";
    echo "LongIP: $long <br />";
}
write down the number ..

In PHPMyAdmin you can do:

Code:
SELECT * FROM `xf_ip` WHERE `ip` = THATNUMBER
You get a page back with all the entries with that unique longip.

Let's say you get 3 rows with user_id 1 and 12 ..

To get the username for id 12 (or 1) do:

Code:
SELECT * FROM `xf_user` WHERE `user_id` = 12
Resulting in a single row with the column username saying the name ..

Now, if someone knows how to put this into 'xenforo' language, that be great :)
 
#10
Ah hah Glad I am not the only one that ran into this issue. Running scripts is a PITA just to check wither a user is a genuine target market that is having difficulty confirming the Email. I looked Back and forth and all I could find was the banned and discouraged list.