This is my code:
public class DatabaseHandler : MonoBehaviour
{
string url = "https://fakeid.firebaseio.com/";
void Start()
{
StartCoroutine(GetLevelsCoroutine());
}
IEnumerator GetLevelsCoroutine()
{
using (UnityWebRequest www = UnityWebRequest.Get(url))
{
www.SetRequestHeader("X-Firebase-Decoding", "1");
yield return www.SendWebRequest();
if (www.isDone)
{
Debug.Log(www.error);
string result = www.downloadHandler.text;
Debug.Log(result);
}
}
}
}
The result variable is null and the www.error is "unknown error"
I have been trying different things in order to fix this but, I just can't figure out what's causing this error, since it's just a generic error.
I have also read that this may be an unitywebrequest bug, if it is so, are there any alternatives?
Finally found the solution to the problem. (It only occurs on some Linux OS)
Unity only officially supports Ubuntu Linux, so it is looking (and failing to find) the certificate store where it would expect it to be. You can work around on Fedora by creating a symbolic link:
mkdir -p /etc/ssl/certs && ln -s /etc/pki/tls/certs/ca-bundle.crt /etc/ssl/certs/ca-certificates.crt
This is the source where I got it from: https://forum.unity.com/threads/ubuntu-headless-build-tls-handshake-fails.546704/
It seems like you're trying to get JSON from the Firebase Realtime Database through its REST API. Requests to the REST API must end in .json, otherwise Firebase interprets them as requests to open the console on that location. So UnityWebRequest.Get(url+.json)
I very long Looking for but not found a answer, hot to change bluetooth connection parameter (Connection Interval, Slave Latency, Supervision Timeout) on Android (master) device. Must importent for me is Supervision Timeout becouse on android by defaut is 20 seconds and i need lessen, i find CONNECTION_PRIORITY_BALANCED, CONNECTION_PRIORITY_HIGH and CONNECTION_PRIORITY_LOW_POWER but they dont change Supervision Timeout time,
or impossible to change connection parameter from Android (master)?
Please help me.
Thanks in advence.
Unfortunately, you are only allowed to do whatever API allows you. In most cases, mobile OS APIs do not allow you to do low level settings for the purpose of user friendly experience. Imagine you developed an app which uses connection parameters that drains battery... Then the user of your application would most probably complain about the OS provider or the OEM. This is not wanted and should be prevented. However, if you want to do low level changes for experimental reasons (research etc.), I would recommend you to download the Android API source code, do the changes and insert the custom ANdroid API to your phone (you need to root your phone).
Here is the related part from the source code in BluetoothGatt.class related to your request:
public boolean requestConnectionPriority(int connectionPriority) {
if (connectionPriority < CONNECTION_PRIORITY_BALANCED ||
connectionPriority > CONNECTION_PRIORITY_LOW_POWER) {
throw new IllegalArgumentException("connectionPriority not within valid range");
}
if (DBG) Log.d(TAG, "requestConnectionPriority() - params: " + connectionPriority);
if (mService == null || mClientIf == 0) return false;
try {
mService.connectionParameterUpdate(mClientIf, mDevice.getAddress(), connectionPriority);
} catch (RemoteException e) {
Log.e(TAG,"",e);
return false;
}
return true;
}
I would look for the implementation of BluetoothGattService#connectionParameterUpdate.
Starting last night around 2:00 am - some 8 hours after anybody touched anything having to do with the website - our Azure website began throwing this error:
Error: ErrorCode:SubStatus:There is a temporary failure. Please retry later. (One or more specified cache servers are unavailable, which could be caused by busy network or servers. For on-premises cache clusters, also verify the following conditions. Ensure that security permission has been granted for this client account, and check that the AppFabric Caching Service is allowed through the firewall on all cache hosts. Also the MaxBufferSize on the server must be greater than or equal to the serialized object size sent from the client.). Additional Information : The client was trying to communicate with the server: net.tcp://payboardprod.cache.windows.net:22233. ( at Microsoft.ApplicationServer.Caching.DataCache.ThrowException(ErrStatus errStatus, Guid trackingId, Exception responseException, Byte[][] payload, EndpointID destination)
Basically, it looks as if our Azure cache server took a dive. But there's no indication of this anywhere on our Azure management console, which indicates that the caching server in question is up and running just fine. Nor is there any indication of a problem on the Azure service availability dashboard (http://azure.microsoft.com/en-us/support/service-dashboard/). The only indication of any sort of a problem is that our Azure cache service started reporting zero requests around 1:00 am.
Our beta site, which uses a different caching server but is otherwise configured identically, stayed up through this whole episode.
We just have a BizSpark account, and hence no ability to open support tickets with MS.
We've restored service by disabling external caching, but that's obviously not optimal.
Any suggestions for troubleshooting this?
Wrap your calling code in appropriate protection (try / catch) and then cope with the failure at the app tier. The commodity platform offered in any cloud can (and does) have these sorts of issues from time-to-time. You need to bake in logging and log somewhere like Azure Diagnostics (http://msdn.microsoft.com/en-us/library/gg433048.aspx) for later troubleshooting.
I still haven't figured out what the problem was, and just ended up following Simon W's advice about wrapping everything in try/catches up the wazoo. But because it's not 100% intuitive, and took me several tries to get the code for cache retrieval right, I thought I'd post it here for anybody else who's interested.
public TValue Get(string key, Func<TValue> missingFunc)
{
// We need to ensure that two processes don't try to calculate the same value at the same time. That just wastes resources.
// So we pull out a value from the _cacheLocks dictionary, and lock on that before trying to retrieve the object.
// This does add a bit more locking, and hence the chance for one process to lock up everything else.
// We may need to add some timeouts here at some point in time. It also doesn't prevent two processes on different
// machines from trying the same bit o' nonsense. Oh well. It's probably still a worthwhile optimization.
key = _keyPrefix + "." + key;
var value = default(TValue);
object cacheLock;
lock (_cacheLocks)
{
if (!_cacheLocks.TryGetValue(key, out cacheLock))
{
cacheLock = new object();
_cacheLocks[key] = cacheLock;
}
}
lock (cacheLock)
{
// Try to get the value from the cache.
try
{
value = _cache.Get(key) as TValue;
}
catch (SerializationException ex)
{
// This can happen when the app restarts, and we discover that the dynamic entity names have changed, and the desired type
// is no longer around, e.g., "Organization_6BA9E1E1184D9B7BDCC50D94471D7A730423456A15BBAFB6A2C6AC0FF94C0D41"
// If that's the error, we should probably warn about it, but no point in logging it as an error, since it's more-or-less expected.
_logger.Warn("Error retrieving item '" + key + "' from Azure cache; falling back to missingFunc(). Error = " + ex);
}
catch (Exception ex)
{
_logger.Error("Error retrieving item '" + key + "' from Azure cache; falling back to missingFunc(). Error = " + ex);
}
// If we didn't get anything interesting, then call the function that should be able to retrieve it for us.
if (value == default(TValue))
{
// If that function throws an exception, don't swallow it.
value = missingFunc();
// If we try to put it into the cache, and *that* throws an exception,
// log it, and then swallow it.
try
{
_cache.Put(key, value);
}
catch (Exception ex)
{
_logger.Error("Error putting item '" + key + "' into Azure cache. Error = " + ex);
}
}
}
return value;
}
You can use it like so:
var user = UserCache.Get(email, () =>
_db.Users
.FirstOrDefault(u => u.Email == email)
.ShallowClone());
I need to develop a netty based Client, that accepts messages from a Notification Server, and places these messages as Http Requests to another Server in real time.
I have already coded a working application which does this, but I need to add multi-threading to this.
At this point, I am getting confused on how to handle Netty Channels inside a multi-threaded program, as I am all loaded with the conventional approach of sockets and threads.
When I tried to separate the Netty requesting part into a method, It complains about the Channels not being closed.
Can anyone guide me how to handle this?
I would like to use ExecutionHandler and OrderedMemoryAwareThreadPoolExecutor, but I am really new into this.
Help with some examples would be a real favour at this time.
Thanks in advance.
Just add an ExecutionHandler to the ChannelPipeline. This will make sure that every ChannelUpstreamHandler which is added behind the ExecutionHandler will get executed in an extra thread and so does not block the worker-thread.
Have you looked at the example code on the Netty site? The TelnetServer looks to do what you are talking about. The factory creates new handlers whenever it gets a connection. Threads from the Executors will be used whenever there is a new connection. You could use any thread pool and executor there I suspect:
// Configure the server.
ServerBootstrap bootstrap = new ServerBootstrap(
new NioServerSocketChannelFactory(
Executors.newCachedThreadPool(), << change
Executors.newCachedThreadPool())); << change
// Configure the pipeline factory.
bootstrap.setPipelineFactory(new TelnetServerPipelineFactory());
// Bind and start to accept incoming connections.
bootstrap.bind(new InetSocketAddress(8080));
The TelnetServerHandler then handles the individual results.
#Override
public void messageReceived(ChannelHandlerContext ctx, MessageEvent e) {
// Cast to a String first.
// We know it is a String because we put some codec in TelnetPipelineFactory.
String request = (String) e.getMessage();
// Generate and write a response.
String response;
boolean close = false;
if (request.length() == 0) {
response = "Please type something.\r\n";
When the telnet is ready to close the connection it does this:
ChannelFuture future = e.getChannel().write(response);
if (close) {
future.addListener(ChannelFutureListener.CLOSE);
}
Would it be possible to block Tor users? (https://www.torproject.org/)
Due to the nature of the site I run I should do all I can to stop multiple accounts and block certain locations. Tor is worse than proxies - a total nightmare...
Tor is much easier to block than other open proxies since the list of exit IP addresses is known and published. Read the answer at https://www.torproject.org/docs/faq-abuse.html.en#Bans and if you still want to block users from accessing your site you could use https://www.torproject.org/projects/tordnsel.html.en or the Bulk Exit List exporting tool.
If you use the Bulk Exit List exporting tool be sure to get a fresh list often and expire the old blocks since the list of IP addresses change.
Blocking Tor is wrong because (ab)users and IP addresses are not the same. By blocking Tor you will also block legitimate users and harmless restricted Tor exit nodes configured with conservative exit policies.
For example, if you concerned about attacks on SSH (port 22) then blocking only Tor will do little to increase security. What you really might need is dynamic synchronised blacklist like http://denyhosts.sourceforge.net/ that track offenders disregarding of their affiliation with Tor.
Denyhosts will automatically block Tor exit nodes that allow Tor to access port 22 without unnecessary denying access to anonymous users and operators of Tor exit nodes who never let offenders to attack your SSH services.
The Tor Project actually provides its own list here:
https://check.torproject.org/exit-addresses
In .NET it's possible and simple. I have implemented it on my site.
Let's say your site has an external IP address of 192.168.0.5 for argument's sake. Real TOR IP address at the time of posting: 95.215.44.97
Imports System.Net
Imports System.Net.Sockets
Imports System.Web
Private Function IsTorExitNode(sIP As String) As Boolean
' Reverse your IP (97.44.215.95) then pass to the string, I have just created it as one for this example
Try
Dim strTor As String = "97.44.215.95.80.5.0.168.192.ip-port.exitlist.torproject.org"
Dim host As IPHostEntry = Dns.GetHostEntry(strTor)
If host.AddressList.Length = 0 Then
Return False
Else
If host.AddressList(0).ToString() = "127.0.0.2" Then
Return True
Else
Return False
End If
End If
Catch ex As SocketException
Return False
End Try
End Function
Breakdown
Reversed IP address: 97.44.215.95
Port: 80
Reversed IP address: (your external site IP address)
If the address is a TorExitNode it will return 127.0.0.2.
In your Global.asax file, you can use the Application_Start to check if IP address returns true and then redirect them away from your site:
If IsTorExitNode("97.44.215.95") = True Then Response.Redirect("http://www.google.co.uk")
Now, as soon as they hit your site they are redirected away from it.
TOR has a list of IP addresses, but obviously they change all the time so using my function would be the best way as it's always real-time.
You can use the TorDNSEL service to perform a live query about whether a specific IP address is a Tor exit node. You query the service via a specially-formed DNS request.
Here is some sample PHP code that performs the lookup:
function isTorExitNode() {
$serverPort = $_SERVER['SERVER_PORT'];
$remoteAddr = reverseIp(getClientIp());
$serverAddr = reverseIp($_SERVER['SERVER_ADDR']);
$placeholders = '%s.%s.%s.ip-port.exitlist.torproject.org';
$name = sprintf($placeholders, $remoteAddr, $serverPort, $serverAddr);
return ( gethostbyname($name) === '127.0.0.2' );
}
function getClientIp() {
if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) {
return $_SERVER['HTTP_CF_CONNECTING_IP'];
}
return $_SERVER['REMOTE_ADDR'];
}
function reverseIp($ip) {
$ipParts = explode('.', $ip);
return $ipParts[3] . '.' . $ipParts[2] . '.' .
$ipParts[1] . '.' . $ipParts[0];
}
if (!isTorExitNode()) {
// Do nothing
} else {
Die("Sorry, You cannot use TOR network!!!");
}
Important Notes:
This example supports IPv4 addresses only, not IPv6.
It could take a couple of seconds to get a response, so be careful about introducing delays into your site rendering.
Since TorDNSEL was deprecated and replaced by a new system in april 2020 [1], most of the answers in this thread are outdated.
After a bit of wrangling I came up with this code that uses the new checker. What it does is it reverses the ip octets and creates a URL for the new checker, then performs a DNS request and checks wether or not the first answer has the "127.0.0.2" IP. If this is the case, the user is deemed to come from Tor, otherwise it returns false.
function IsTorExitPoint(){
$dns_record = dns_get_record(ReverseIPOctets($_SERVER['REMOTE_ADDR']).".dnsel.torproject.org.");
if ($dns_record && $dns_record[0] && $dns_record[0]["ip"] == "127.0.0.2") {
return true;
} else {
return false;
}
}
function ReverseIPOctets($inputip){
$ipoc = explode(".",$inputip);
return $ipoc[3].".".$ipoc[2].".".$ipoc[1].".".$ipoc[0];
}
[1] https://lists.torproject.org/pipermail/tor-project/2020-March/002759.html
PD: It's been a while since I've posted an answer to stackoverflow, so please bear with me and help me improve if possible.
It's a fact, that the best application defence is its code and security, not a firewall blocklist. If it's an essential matter for you to have real true users - you have to use two-factor authentication. Blocklists are totally useless nowadays.
Here (see https://github.com/RD17/DeTor) is a simple REST API to determine whether a request was made from TOR network or not.
The request is:
curl -X GET http://detor.ambar.cloud/.
The response is:
{
"sourceIp": "104.200.20.46",
"destIp": "89.207.89.82",
"destPort": "8080",
"found": true
}
As a bonus you can add a badge to your site to detect whether a user comes from TOR or not:
<img src="http://detor.ambar.cloud/badge" />
(This was written for a PHP specific question that was subsequently deleted and linked here as a duplicate).
Disclaimer: Consider the impact of blocking all Tor users as raised in the best answer here. Consider only blocking functions such as registration, payment, comments etc and not a blanket block on everything.
--
Here are two pure PHP solutions. The first downloads and caches a Tor node list and compares the visitor IP against the list. The second uses the Tor DNS Exit List project to determine if the visitor is using Tor via DNS lookups.
Method #1 (Checking IP against a Tor relay list):
Using the following set of functions we can determine if an IP belongs to the Tor network by checking it against a dynamic exit list that gets downloaded and cached for 10 minutes. Feel free to use this list but please cache for 10 minutes when possible.
Where you want to enforce the Tor check, you can simply use:
$isTorUser = isTorUser($_SERVER['REMOTE_ADDR']);
if ($isTorUser) {
// blocking action
}
Here is the code which you can put in a separate functions file and include when you want to run the check. Note, you may want to adjust some of it to change the path to the cache file.
<?php
function isTorUser($ip)
{
$list = getTorExitList();
if (arrayBinarySearch($ip, $list) !== false) {
return true;
} else {
return false;
}
}
function getTorExitList()
{
$path = __DIR__ . '/tor-list.cache';
if ( file_exists($path) && time() - filemtime($path) < 600 ) {
$list = include $path;
if ($list && is_array($list)) {
return $list;
}
}
$data = file('https://www2.openinternet.io/tor/tor-exit-list.txt');
if (!$data) {
return array();
}
$list = array();
foreach($data as $line) {
$line = trim($line);
if ($line == '' || $line[0] == '#') continue;
list($nick, $ip) = explode("\t", $line);
$list[] = $ip;
}
sort($list);
file_put_contents($path, sprintf("<?php return %s;", var_export($list, true)));
return $list;
}
/**
* Perform binary search of a sorted array.
* Credit: http://php.net/manual/en/function.array-search.php#39115
*
* Tested by VigilanTor for accuracy and efficiency
*
* #param string $needle String to search for
* #param array $haystack Array to search within
* #return boolean|number false if not found, or index if found
*/
function arrayBinarySearch($needle, $haystack)
{
$high = count($haystack);
$low = 0;
while ($high - $low > 1){
$probe = ($high + $low) / 2;
if ($haystack[$probe] < $needle){
$low = $probe;
} else{
$high = $probe;
}
}
if ($high == count($haystack) || $haystack[$high] != $needle) {
return false;
} else {
return $high;
}
}
Method #2 (Checking IP against the Tor DNS Exit List Project):
The DNS exit check is a bit more robust in that it takes into account the relay's exit policy and looks at what IP and port on your server the client is connecting to and if such exit traffic is permitted, it will return a match. The potential downfall is that if the DNS project is down temporarily, DNS requests can hang before timing out slowing things down.
For this example, I will use a class from a library I wrote and maintain called TorUtils.
First, you'll need to install it with Composer using composer require dapphp/torutils and include the standard vendor/autoloader.php code in your application.
The code for the check:
$isTor = false;
try {
// check for Tor using the remote (client IP)
if (TorDNSEL::isTor($_SERVER['REMOTE_ADDR'])) {
// do something special for Tor users
} else {
// not using Tor, educate them! :-D
}
} catch (\Exception $ex) {
// This would likely be a timeout, or possibly a malformed DNS response
error_log("Tor DNSEL query failed: " . $ex->getMessage());
}
if ($isTor) {
// blocking action
}
Additional Considerations
If your application uses PHP sessions, I'd highly suggest caching the "isTorUser" response into the session (along with the source IP) and only run the check initially or when the IP changes (e.g. $_SERVER['REMOTE_ADDR'] != $_SESSION['last_remote_addr']) as not to perform many duplicated lookups. Even though they try to be very efficient, it's a waste to do over and over for the same IP.
I found a list of all the Tor nodes updated every half an hour: https://www.dan.me.uk/tornodes
This SHOULD include the exit, entries and bridge nodes used to connect and browse through Tor.
Use this Perl script to gather the IP addresses from a downloaded webpage:
perl -lne 'print $& if /(\d+\.){3}\d+/' downloadedwebpage.html > listofips.out
It will give you a list of IP addresses , one per line. I have tried to find something that will do this without the Perl script, but after many hours searching I could not find one.
I hope this helps.
I also found some good information here too on the same site:
https://www.dan.me.uk/dnsbl
Detecting Tor traffic is rather easy. The main way to do this is to monitor the Tor exit node list and compare the IP against the list.
I had the need to do such a thing recently and built a small Ruby gem to keep the list of exit nodes up to date and provide a simple way to detect exit nodes. I also wrote a small executable you can use to detect exit nodes.
The gem is open source and can be found here: tor-guard
Installing the gem is simple enough:
$ gem install tor-guard
Using the library in your own Ruby code can be done as follows:
require 'tor-guard'
if TorGuard.exit_node?('108.56.199.13')
puts "Yep, it's an exit node!"
end
The executable is also easy to use:
$ tg 108.56.199.13 && echo "Yep, it's an exit node"
It is possible due to the tor project publishing a list of exit proxies.
The list of exit proxies can be downloaded directly from the project at https://check.torproject.org/exit-addresses in space delimited text form.
I have written a python script to add iptables rules for all exit nodes that reject all packets from them. You can find the script on github here: https://github.com/vab/torblock
If the Tor Project ever decides to stop publishing a list of exit nodes it will be possible to block them. Code would just need to be written to connect to the tor network and discover the exit nodes.
Yes, and in fact here is a script that will do it for all of your windows machines. Like others mentioned above, it's as simple as blocking all the exit nodes, but that takes a little work.
https://github.com/Austin-Src/BlockTor
I have already curated the tor nodes and tor exit nodes list which keep updating hourly. Please refer to https://github.com/SecOps-Institute/Tor-IP-Addresses
You can do a git pull every hour and get the most updated list.
For whatever reason I wasn't able to find another answer on here, as of now (20 Shevat 5781 (from Creation)) that has this particular link, so here it is:
https://check.torproject.org/torbulkexitlist
I got it by downloading Tor, then opening up a find my IP address website, then navigating to that IP address (it happens to be http://195.176.3.20/, if you navigate to it you should find the list also), and navigating to it....