Second Life Forums Archive - Getting the IP of the client

William Lopez

Registered User

Join date: 12 Dec 2006

Posts: 6

12-12-2006 14:10

Hi all,

We would like to control content streaming via the IP of the client. We would like to stream only to authorized IPs.

Is there a way in SL to obtain the IP of the client machine of someone who is touching an object (say) ?

Thanks,

Will

Ordinal Malaprop

really very ordinary

Join date: 9 Sep 2005

Posts: 4,607

12-12-2006 14:47

Not via LSL, no. (And a good thing too!)

Perhaps you could send someone to an outside web page, say, which *would* be able to validate their IP address, and then send a message back to an object in-world indicating that they be allowed permission. However, I'm not an expert on streaming, but as far as I know you can't filter out who can see streaming media; if they can see it they can see it, so if that's true it's a non-starter.

_____________________

http://ordinalmalaprop.com/forum/ - visit Ordinal's Scripting Colloquium for scripting discussion with actual working BBCode!

http://ordinalmalaprop.com/engine/ - An Engine Fit For My Proceeding, my Aethernet Journal

http://www.flickr.com/groups/slgriefbuild/ - Second Life Griefbuild Digest, pictures of horrible ad griefing and land spam, and the naming of names

Alexis Starbrook

CEO - Alexis Digital

Join date: 7 Dec 2006

Posts: 135

12-12-2006 15:22

Yes, there is, but it requires an object using a llHttpRequest script and a GCI script on the external web server setup to recieve the request.

Not a programming job for the layman.

Cheers

Talarus Luan

Ancient Archaean Dragon

Join date: 18 Mar 2006

Posts: 4,831

12-12-2006 23:16

From: Alexis Starbrook

Yes, there is, but it requires an object using a llHttpRequest script and a GCI script on the external web server setup to recieve the request.

That won't get the IP of the client, but instead will get the IP of the server the simulator is running on.

Only way to do it is to form a llLoadURL request with info about the user making the request, and hope he's nice enough to not monkey with it.

Zi Ree

Mrrrew!

Join date: 25 Feb 2006

Posts: 723

12-13-2006 01:00

The llLoadURL is flawed anyway, since you can simply copy out the address and call it on a different system with a different IP address.

Using IP addresses for verification is not the way to go, it's just too easily spoofed, reveals too much of the user's information and - last not least - most users are on dynamic IPs anyway.

Have the users identify by SL name and an agreed password, only then send them the stream URL to use in an *external* program. The SL client will not help you there.

_____________________

Zi!

(SuSE Linux 10.2, Kernel 2.6.13-15, AMD64 3200+, 2GB RAM, NVidia GeForce 7800GS 512MB (AGP), KDE 3.5.5, Second Life 1.13.1 (6) alpha soon beta thingie)

Blog: http://ziree.wordpress.com/ - QAvimator: http://qavimator.org

Second Life Linux Users Group IRC Channel: irc.freenode.org #secondlifelug

Scalar Tardis

SL Scientist/Engineer

Join date: 5 Nov 2005

Posts: 249

12-13-2006 06:50

This project can work, if William Lopez is a skilled programmer and is directly in charge of the streaming server.

The streaming server can use firewalling rules to restrict stream access, so someone just wandering in would not be able to view the stream since their IP-address is not authorized to access the stream.

When a user wants to view a stream, have them authenticate using a one-time access key in your llLoadURL that expires immediately after it is received by the streaming server. Now your webserver log on the stream-server knows the client IP and can authorize it by adding it to the firewall access rules.

After the streaming session is complete, remove the client address from the firewall access list to close the door.

So, you could design a pay-per-view system similar to a satellite-TV channel, where the paying customer is permitted a time window to view the streamed content (1 hr, 4hrs, all-day, all-week, prepaid event window), with customer stream access controlled by your streaming-server's firewall ruleset.

It can be done, but you'll need some programming skill to pull this off.

.

Geuis Dassin

Filming Path creator

Join date: 3 May 2006

Posts: 565

12-13-2006 07:17

William, let me answer your question.

This doesn't have anything to do with LSL or even Second Life on the server side.

When someone streams media, whether video or audio on your land, their client running locally on their computer connects to your server to download whatever the content is. In the case of streaming media, the SL client acts in the same way as a RealPlayer program when you are streaming media.

Here's what happens.
1) Avatar goes to island "Big Monkey Island" that has an audio stream.
2) Avatar gives permission to stream the audio.
3) SL sends the IP address of the remote content server to your SL client.
4) Your SL client connects to the remote server and begins to download said content.
5) Your SL client plays the content, but thru the client, thus making it a seamless experience and making it seem that SL is playing music to you.

Now, what this means on *your* end is that your job is very simple. Simply setup your allowed list of IP addresses on your media server. I'm assuming, for the sake of argument, that you already know how to do this. 20 people can then visit your land in-world, but only the 5 people you have added to your IP-allow list will actually receive any content.

I've setup IP-restricted systems in PHP before so I can provide assistance with that, but if you aren't running that kind of hosted environment look for help relating to your server software.

William Lopez

Registered User

Join date: 12 Dec 2006

Posts: 6

12-13-2006 09:14

Thanks to all that have replied

I do have control of the streaming server (Darwin), so I can have it check a table of valid IPs when the streaming server receives a connection request.

Now, the question is how to build such a table. I did try the llHTTPRequest but indeed got the IP of a SL server, not of the client. The llLoadURL should indeed do what I need, I will try it out this afternoon as soon as the 1.13.1 update is done.

Thank you again for all the replies!

Armando

Kitty Barnett

Registered User

Join date: 10 May 2006

Posts: 5,586

12-13-2006 09:54

From: William Lopez

Thanks to all that have replied

I do have control of the streaming server (Darwin), so I can have it check a table of valid IPs when the streaming server receives a connection request.

My ISP used to require the use of their proxy for web browsing, it simply would not work if you didn't set it.

Also, just because you can associate an avie with an address at one point, doesn't necessarily mean they will still have the same one 10 minutes after (when my ISP has a brief outage my address always changes).

Depending on what you're trying to do, it's far easier and much less of a hassle to restrict who has access to the parcel you're streaming on, than who has actual access to the stream.

Getting the IP of the client
William Lopez Registered User Join date: 12 Dec 2006 Posts: 6	12-12-2006 14:10 Hi all, We would like to control content streaming via the IP of the client. We would like to stream only to authorized IPs. Is there a way in SL to obtain the IP of the client machine of someone who is touching an object (say) ? Thanks, Will
Ordinal Malaprop really very ordinary Join date: 9 Sep 2005 Posts: 4,607	12-12-2006 14:47 Not via LSL, no. (And a good thing too!) Perhaps you could send someone to an outside web page, say, which would be able to validate their IP address, and then send a message back to an object in-world indicating that they be allowed permission. However, I'm not an expert on streaming, but as far as I know you can't filter out who can see streaming media; if they can see it they can see it, so if that's true it's a non-starter. _____________________ http://ordinalmalaprop.com/forum/ - visit Ordinal's Scripting Colloquium for scripting discussion with actual working BBCode! http://ordinalmalaprop.com/engine/ - An Engine Fit For My Proceeding, my Aethernet Journal http://www.flickr.com/groups/slgriefbuild/ - Second Life Griefbuild Digest, pictures of horrible ad griefing and land spam, and the naming of names
Alexis Starbrook CEO - Alexis Digital Join date: 7 Dec 2006 Posts: 135	12-12-2006 15:22 Yes, there is, but it requires an object using a llHttpRequest script and a GCI script on the external web server setup to recieve the request. Not a programming job for the layman. Cheers
Talarus Luan Ancient Archaean Dragon Join date: 18 Mar 2006 Posts: 4,831	12-12-2006 23:16 From: Alexis Starbrook Yes, there is, but it requires an object using a llHttpRequest script and a GCI script on the external web server setup to recieve the request. That won't get the IP of the client, but instead will get the IP of the server the simulator is running on. Only way to do it is to form a llLoadURL request with info about the user making the request, and hope he's nice enough to not monkey with it.
Zi Ree Mrrrew! Join date: 25 Feb 2006 Posts: 723	12-13-2006 01:00 The llLoadURL is flawed anyway, since you can simply copy out the address and call it on a different system with a different IP address. Using IP addresses for verification is not the way to go, it's just too easily spoofed, reveals too much of the user's information and - last not least - most users are on dynamic IPs anyway. Have the users identify by SL name and an agreed password, only then send them the stream URL to use in an external program. The SL client will not help you there. _____________________ Zi! (SuSE Linux 10.2, Kernel 2.6.13-15, AMD64 3200+, 2GB RAM, NVidia GeForce 7800GS 512MB (AGP), KDE 3.5.5, Second Life 1.13.1 (6) alpha soon beta thingie) Blog: http://ziree.wordpress.com/ - QAvimator: http://qavimator.org Second Life Linux Users Group IRC Channel: irc.freenode.org #secondlifelug
Scalar Tardis SL Scientist/Engineer Join date: 5 Nov 2005 Posts: 249	12-13-2006 06:50 This project can work, if William Lopez is a skilled programmer and is directly in charge of the streaming server. The streaming server can use firewalling rules to restrict stream access, so someone just wandering in would not be able to view the stream since their IP-address is not authorized to access the stream. When a user wants to view a stream, have them authenticate using a one-time access key in your llLoadURL that expires immediately after it is received by the streaming server. Now your webserver log on the stream-server knows the client IP and can authorize it by adding it to the firewall access rules. After the streaming session is complete, remove the client address from the firewall access list to close the door. So, you could design a pay-per-view system similar to a satellite-TV channel, where the paying customer is permitted a time window to view the streamed content (1 hr, 4hrs, all-day, all-week, prepaid event window), with customer stream access controlled by your streaming-server's firewall ruleset. It can be done, but you'll need some programming skill to pull this off. .
Geuis Dassin Filming Path creator Join date: 3 May 2006 Posts: 565	12-13-2006 07:17 William, let me answer your question. This doesn't have anything to do with LSL or even Second Life on the server side. When someone streams media, whether video or audio on your land, their client running locally on their computer connects to your server to download whatever the content is. In the case of streaming media, the SL client acts in the same way as a RealPlayer program when you are streaming media. Here's what happens. 1) Avatar goes to island "Big Monkey Island" that has an audio stream. 2) Avatar gives permission to stream the audio. 3) SL sends the IP address of the remote content server to your SL client. 4) Your SL client connects to the remote server and begins to download said content. 5) Your SL client plays the content, but thru the client, thus making it a seamless experience and making it seem that SL is playing music to you. Now, what this means on your end is that your job is very simple. Simply setup your allowed list of IP addresses on your media server. I'm assuming, for the sake of argument, that you already know how to do this. 20 people can then visit your land in-world, but only the 5 people you have added to your IP-allow list will actually receive any content. I've setup IP-restricted systems in PHP before so I can provide assistance with that, but if you aren't running that kind of hosted environment look for help relating to your server software.
William Lopez Registered User Join date: 12 Dec 2006 Posts: 6	12-13-2006 09:14 Thanks to all that have replied I do have control of the streaming server (Darwin), so I can have it check a table of valid IPs when the streaming server receives a connection request. Now, the question is how to build such a table. I did try the llHTTPRequest but indeed got the IP of a SL server, not of the client. The llLoadURL should indeed do what I need, I will try it out this afternoon as soon as the 1.13.1 update is done. Thank you again for all the replies! Armando
Kitty Barnett Registered User Join date: 10 May 2006 Posts: 5,586	12-13-2006 09:54 From: William Lopez Thanks to all that have replied I do have control of the streaming server (Darwin), so I can have it check a table of valid IPs when the streaming server receives a connection request. My ISP used to require the use of their proxy for web browsing, it simply would not work if you didn't set it. Also, just because you can associate an avie with an address at one point, doesn't necessarily mean they will still have the same one 10 minutes after (when my ISP has a brief outage my address always changes). Depending on what you're trying to do, it's far easier and much less of a hassle to restrict who has access to the parcel you're streaming on, than who has actual access to the stream.

Welcome to the Second Life Forums Archive

Getting the IP of the client