Question about client ip verification

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Question about client ip verification

Markus
I've got one of those routers which do not handle loopback correctly.
Pinging my external IP works but that's only half of the story. The
router replaces the sender address (which is the computer inside the lan
running the client) with its own local address which of course is
nonsense. So this is my current setup:

A server running a standalone HG enabled private grid with 4 regions,
using ports TCP 9000 and UDP 9000-9003.
My desktop pc (inside my lan) running the client.
My router with its brain damaged implementation of loopback.
A dynamic dns domain for accessing my private grid from the outside.

These scenarios do work without a problem:
I can login to my private grid.
I can make a HG jump from my grid to other OS grids.
I can jump back home (this actually works because client ip verification
is not performed when I return to my home grid because its a local account).
Other people from outside the lan can HG jump to my private grid.

What does not work?
I login to a different OS grid which is outside my lan (e.g. I login to
DigiWorldz because I also have an account there) and then try to HG jump
to my private grid at home. In this case, the client ip verfication
fails. DigiWorldz reports to my server my external ip and my "new"
client ip all in a sudden is the same as my router's internal ip because
of the buggy router.

So the question is: can I somehow disable the client ip verification if
the incoming avatar is foreign (not from my private grid) but his
client's ip is internal to my lan? That would solve my problem right
away and not cause any security problem because I could then disable
loopback completely and set a local dns record in my router's host which
resolves my external dynamic dns domain directly to my OpenSim server.

In short: Is there any way to disable client ip verification if the
client ip of the incoming avatar is part of the local lan?

Markus.

_______________________________________________
Opensim-users mailing list
[hidden email]
http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-users