TCPListener: How to refuse a connection attempt

Question

0.00/5 (No votes)

See more:

Hello everyone,
I'm currently writing a small server to check for updates of my programs etc.
This works nicely and now I'm trying to make it a little more secure. What I want to implement is a blacklisting of certain IP adresses.
Currently I'm doing it like this:

VB

Dim client As TcpClient = listener.AcceptTcpClient
blacklist = IO.File.ReadAllLines(Application.StartupPath & _
                                 "\Blacklist.txt")
If blacklist.Contains(GetIp(client).ToString) = False Then
     'IP not on blacklist, proceed with processing the client
     Dim t As New Thread(AddressOf HandleClient)
     Dim argus() As Object = {client, ClientIdentifier}
     t.Start(argus)
     threads.Add(t)
     clients.Add(client)
Else
    'Client is on blacklist, close the connection
    tb("Blacklisted IP tries to connect. Closing connection.")
    client.Close()
End If

Now this works OK, but what bothers me is, that even though the client is blacklisted the TCP connection has to be accepted first and the connection is established before being closed again.

My question now is: Is there any way to get information about the client that is about to be accepted before it is accepted? And can I refuse the connection attempt if the client's IP is blacklisted? I can't seem to find a way with the tools at hand.

Thank you in advance for any answers and if you have further questions about my problem, please feel free to ask.

Best wishes
Jens

Posted 22-Jun-13 8:03am

Keex0r

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Ron Beyer · Accepted Answer · 2013-06-22T10:45:00

Solution 1

Unfortunately there is no way to do this without accepting the socket connection first. You could try getting network information about what sockets are in the SYN_SEND or SYN_RECEIVED state, but its impossible to know if that connection is the one you are in the process of accepting without initializing the socket structure (which the TcpClient is built on).

Posted 22-Jun-13 10:45am

Ron Beyer

Comments

Keex0r 22-Jun-13 17:43pm

Ok, thank you very much for your answer. I'm not very experienced in network stuff anyways so if there is no easy solution I'm ok with that. I think it works with directly closing the connection again, too.