Is there anyway to know the ip and port of an incomming connection before the call to accept? I need this for implementing banning. I dont want to accept the connection and then close it if a host is banned.

Quote:

Original post by peter_b Is there anyway to know the ip and port of an incomming connection before the call to accept? I need this for implementing banning. I dont want to accept the connection and then close it if a host is banned.

I don't think you have any other option here.
Previous thread about this topic: how to _not_ accept connections (tcp)

Bottom line is: if you are listening when the connection attempt came, the operating system already accepted the incoming connection automatically - and sent positive answer to the client. From the client's side it looks like you've had already called accept().
The actual accept() call on your side is just a formality - so that your program could get a "socket" number.

No, there is no way of doing this as noted in the other thread cited above.

The only way you could implement that would be by creating OS firewall rules based on your ban list- that would work but would be OS specific (hint: You'd probably need to be running Linux or BSD to be able to do this usefully as the win32 firewalls don't give you enough control).

If you'd created an os-level firewall rule, your app would never see any connections from banned IPs.

Mark

If it's going to be a major issue, you may want to put your game server behind a firewall. Not a software firewall, but a seperate machine. That way, in a DOS attack, your firewall may be overloaded, but the game server will not have to deal with it itself. With a little work, you could get your game server to add banned IPs directly to the firewall, too.

Another option (again on Linux) is to use TCP Wrappers, or even an iptables module to reject the appropriate connections.

However, as has already been pointed out, there's no way nor benefit from getting the address before accept() in general.

WinSock has a listen mode where you can screen accept calls by IP address, though I would advise against using it. It looks pretty low-performance and hard to use correctly, from the documentation on MSDN.