On 2013-03-19 22:42 +0100 Lukas Fleischer wrote: >On Tue, Mar 19, 2013 at 05:12:23PM -0400, canyonknight wrote: >> On Tue, Mar 19, 2013 at 9:23 AM, Lukas Fleischer >> <[email protected]> wrote: >> > This allows for specifying a list of IP addresses that will no longer be >> > able to register new accounts and login. The list of banned IP addresses >> > can be configured in "web/lib/config.inc.php". >> > >> > Signed-off-by: Lukas Fleischer <[email protected]> >> > --- >> >> What are your thoughts on taking this a step further and adding a >> "bans" table to the DB schema? It could eventually be extended to >> allow for TUs and Developers to ban IP addresses directly from the web >> interface without ever having to muck around with the config file. > >Exactly what I was planning to do. > >We should also display each user's last login IP address in his profile >(only visible to developers and TUs) and add a "Ban this IP address" >button next to it. The "Save last login IP address" patch I submitted >already adds the IP address to the Users table.
Do the IPs need to be visible? In the case of a single IP a simple ban button will suffice. A proxied IP will be completely different every time so subsequent addresses are unrelated. That only leaves netmasked dynamic IPs. It would be enough to have an interface button connected to a query that returns all users with an IP in the netmasked range (/24?). You could even automatically flag user accounts that share a range with banned IPs, again without divulging the IP address. >Oh, and we might want to exclude TUs and developers from IP bans. I haven't tried it, but can't TUs disable each other's TU status? The exclusion would be trivial if so.
