Implemented Admin Control Panel - Search Users by IP

[KozmoK]

I often have to track down people by IP, and I would like to search by IP address.

For Example: I have a script on cron that calculates how many SYN_RECV my server is getting, if over a certain threashold - it sends me an email so I can find out why they are trying to DDOS me, or if they are having connection issues. I'd like to know what user that is easily.

P.S. I didnt make the cron script picked it up years ago from somewhere.
syn_count=36
netstat -ntp
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 **.167.147.104:22 68.233.249.182:41360 SYN_RECV -
tcp 0 0 **.167.147.219:22 68.233.249.182:56191 SYN_RECV -
tcp 0 0 **.167.147.104:22 68.233.249.182:38350 SYN_RECV -
tcp 0 0 **.167.147.121:22 68.233.249.182:48540 SYN_RECV -
tcp 0 0 **.167.147.219:22 68.233.249.182:54686 SYN_RECV -
....
..
.
if anyone wants this cron script let me know.

 

[Alien]

I think IP searches via AdminCP would be extremely helpful, I miss it almost every day.

I know you can search via database, but I think it needs to make it into the AdminCP.

 

[DeltaHF]

Wow. I'm really disappointed to discover this isn't supported in XF, despite all the other excellent moderation controls found in the software. Is there even a way to view all of a user's IP addresses from their profile or the Admin CP? I can't seem to find anything in the demo... This sort of thing is extremely important when dealing with troublesome users, and as a large forum owner it's something my staff and I have to deal with on a daily basis.

Hopefully there will be improvements in this area with 1.1...

 

[Floris]

XenForo stores the IP as longip (INT).

You can go to phpmyadmin and do a search for it.

disclaimer: this convert script is not written to be secure.. Just an example, use behind .htaccess or rewrite it to avoid exploiting.
dir: longip/ file: index.php
call with: index.php?ip=68.233.249.182

<?php
if ($_REQUEST['ip']) {
$ip = htmlspecialchars($_REQUEST['ip'], ENT_QUOTES);
} else {
$ip = "127.0.0.1";
}
?>
<form action="index.php" method="get">
<div>
<label>IPv4 Address: </label>
<input type="text" name="ip" value="<?php echo $ip; ?>" />
<input type="submit" value="Convert to LongIP" />
</div>
</form>
<?php
$long = ip2long($ip);

if ($long == -1 || $long === FALSE) {
    echo "Invalid IP, please try again <br />";
} else {
    echo "Ipv4: $ip<br />";
    echo "LongIP: $long <br />";
}

write down the number ..

In PHPMyAdmin you can do:

SELECT * FROM `xf_ip` WHERE `ip` = THATNUMBER

You get a page back with all the entries with that unique longip.

Let's say you get 3 rows with user_id 1 and 12 ..

To get the username for id 12 (or 1) do:

SELECT * FROM `xf_user` WHERE `user_id` = 12

Resulting in a single row with the column username saying the name ..

Now, if someone knows how to put this into 'xenforo' language, that be great

 

[Floris]

Script updated;

example: http://vbirc.com/longip/index.php?ip=68.233.249.182

 

[Kier]

An IP search tool is in XF 1.1.

 

[Floris]

Even better Until then, a manual lookup will do just fine.

 

[DeltaHF]

An IP search tool is in XF 1.1.

That's great to hear! Looking forward to it.

 

[Dean]

An IP search tool is in XF 1.1.

It would be incredibly handy to be able to put in a partial IP, or an IP range.

I'd really like to block some IP ranges, but I really don't want to block any of my actual users.

 

[rootsxrocks]

Ah hah Glad I am not the only one that ran into this issue. Running scripts is a PITA just to check wither a user is a genuine target market that is having difficulty confirming the Email. I looked Back and forth and all I could find was the banned and discouraged list.

 

[Dean]

For reference, until the feature is added:
http://xenforo.com/community/threads/search-for-an-ip-query.15511/