Bitcoin Forum
April 25, 2024, 09:36:05 AM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
   Home   Help Search Login Register More  
Bitcoin Forum > Bitcoin > Bitcoin Technical Support > Invalid IP addresses on "receive version message" on debug.log
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: Invalid IP addresses on "receive version message" on debug.log  (Read 1198 times)
.anto. (OP)
Full Member
***
Offline Offline

Activity: 179
Merit: 131


View Profile
February 20, 2016, 10:21:53 PM
 #1
On my full nodes, I got a lot of "receive version message" on the debug.log with "us=0.0.0.0" and "us=127.0.0.1". There are only a few peers causing the messages with IP address 0.0.0.0 but hundreds of peers causing the messages with IP address 127.0.0.1.

The peers which cause the messages with 0.0.0.0 IP address are using the following User Agents:
Code:
/libbitcoin:2.11.0/: version 70001
/Satoshi:0.11.2/: version 70002

And the peers which cause the messages with 127.0.0.1 IP address are using the following User Agents:
Code:
/BitCoinJ:0.11.2/MultiBit:0.5.18/: version 70001
/bitcoinj:0.12.2/: version 70001
/BitCoinJ:0.12SNAPSHOT/Aegis Wallet:1.0/: version 70001
/bitcoinj:0.13.2/Bitcoin Wallet:4.39/: version 70001
/bitcoinj:0.13.3/Bitcoin:1.04/: version 70001
/bitcoinj:0.13.3/Bitcoin Wallet:4.42/: version 70001
/bitcoinj:0.13.3/Bitcoin Wallet:4.43/: version 70001
/bitcoinj:0.13.3/Bitcoin Wallet:4.44/: version 70001
/bitcoinj:0.13.3/MultiBitHD:0.2.0/: version 70001
/bitcoinj:0.13.4/Bitcoin Wallet:4.45/: version 70001
/bitcoinj:0.13.4/Bitcoin Wallet:4.46/: version 70001
/bitcoinj:0.13/GetGems:1.0/: version 70001
/bitcoinj:0.13-SNAPSHOT/DNSSeed:43/: version 70001
/bitcoinj:0.13SNAPSHOT/DNSSeed:43/: version 70001
/Bither1.4.3/: version 70001

I am really wondering what causes this and what the impact of letting the peers which cause that keep coming in. Do you think it is wise to block those peers on my iptables firewall using ipset for instance?

Thanks in advance for any answers and comments.
1714037765
Hero Member
*
Offline Offline

Posts: 1714037765

View Profile Personal Message (Offline)

Ignore
1714037765
1714037765
Reply with quote  #2
1714037765
Report to moderator
1714037765
Hero Member
*
Offline Offline

Posts: 1714037765

View Profile Personal Message (Offline)

Ignore
1714037765
1714037765
Reply with quote  #2
1714037765
Report to moderator
1714037765
Hero Member
*
Offline Offline

Posts: 1714037765

View Profile Personal Message (Offline)

Ignore
1714037765
1714037765
Reply with quote  #2
1714037765
Report to moderator
The forum strives to allow free discussion of any ideas. All policies are built around this principle. This doesn't mean you can post garbage, though: posts should actually contain ideas, and these ideas should be argued reasonably.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1714037765
Hero Member
*
Offline Offline

Posts: 1714037765

View Profile Personal Message (Offline)

Ignore
1714037765
1714037765
Reply with quote  #2
1714037765
Report to moderator
1714037765
Hero Member
*
Offline Offline

Posts: 1714037765

View Profile Personal Message (Offline)

Ignore
1714037765
1714037765
Reply with quote  #2
1714037765
Report to moderator
1714037765
Hero Member
*
Offline Offline

Posts: 1714037765

View Profile Personal Message (Offline)

Ignore
1714037765
1714037765
Reply with quote  #2
1714037765
Report to moderator
Foxpup
Legendary
*
Online Online

Activity: 4340
Merit: 3042


Vile Vixen and Miss Bitcointalk 2021-2023


View Profile
February 21, 2016, 04:10:01 AM
 #2
Um, no, it is not wise to block connections to and from 0.0.0.0 and 127.0.0.1, though I don't think iptables affects non-routable addresses anyway. They're not invalid; ping them and see what happens. Notice the astonishingly low latency? Those are your IP addresses. That's what "us" means in the log.
Will pretend to do unspeakable things (while actually eating a taco) for bitcoins: 1K6d1EviQKX3SVKjPYmJGyWBb1avbmCFM4
I am not on the scammers' paradise known as Telegram! Do not believe anyone claiming to be me off-forum without a signed message from the above address! Accept no excuses and make no exceptions!
.anto. (OP)
Full Member
***
Offline Offline

Activity: 179
Merit: 131


View Profile
February 21, 2016, 10:23:07 AM
 #3
Quote from: Foxpup on February 21, 2016, 04:10:01 AM
Um, no, it is not wise to block connections to and from 0.0.0.0 and 127.0.0.1, though I don't think iptables affects non-routable addresses anyway. They're not invalid; ping them and see what happens. Notice the astonishingly low latency? Those are your IP addresses. That's what "us" means in the log.

The IP addresses 0.0.0.0 and 127.0.0.1 are the IP address of my full nodes that the peers thought to be able to connect to - notice the word us on the following messages for instance:
Code:
.
2016-02-21 05:20:48 receive version message: /libbitcoin:2.11.0/: version 70001, blocks=399106, us=0.0.0.0:0, peer=2198, peeraddr=5.189.177.237:35504
2016-02-21 07:05:20 receive version message: /libbitcoin:2.11.0/: version 70001, blocks=0, us=0.0.0.0:0, peer=2549, peeraddr=85.93.88.92:53661
2016-02-21 08:53:08 receive version message: /libbitcoin:2.11.0/: version 70001, blocks=399106, us=0.0.0.0:0, peer=2919, peeraddr=5.189.177.237:60182
.
2016-02-21 10:06:58 receive version message: /bitcoinj:0.13-SNAPSHOT/DNSSeed:43/: version 70001, blocks=399428, us=127.0.0.1:8333, peer=3194, peeraddr=162.243.132.6:41992
2016-02-21 10:09:30 receive version message: /BitCoinJ:0.11.2/MultiBit:0.5.19/: version 70001, blocks=374614, us=127.0.0.1:8333, peer=3202, peeraddr=185.61.151.176:53738
2016-02-21 10:15:50 receive version message: /bitcoinj:0.13.4/Bitcoin Wallet:4.46/: version 70001, blocks=399428, us=127.0.0.1:8333, peer=3229, peeraddr=71.226.158.207:55651
.

So the IP addresses that I want to block are the IP addresses of the peers, i.e. the peeraddr.
.anto. (OP)
Full Member
***
Offline Offline

Activity: 179
Merit: 131


View Profile
February 28, 2016, 06:42:43 PM
 #4
I have blocked 2168 unique peers IPv4 addresses until now. The black list of is growing everyday Smiley

A part from blocking the peers causing the messages on debug.log like below:
Code:
receive version message: /Satoshi:0.11.2/: version 70002, blocks=398147, us=0.0.0.0:0
receive version message: /bcoin:1.0.0-alpha/: version 70002, blocks=370555, us=0.0.0.0:8333
receive version message: /bitcoinj:0.13.4/Bitcoin Wallet:4.46/: version 70001, blocks=400440, us=127.0.0.1:8333

I also blocked the peers which do not use valid (in my opinion) user agents like below:
Code:
receive version message: : version 32100
receive version message: : version 40000
receive version message: Why? Because fuck u, thats why: version 70002

There seems to be no significant affect on my node by blocking those peers as it is still running fine with the connected peers still always above 50, 56 at the time of my writing.
Code:
root@ledzeppelin:~# bitcoin-cli getinfo
{
  "version": 120000,
  "protocolversion": 70012,
  "blocks": 400442,
  "timeoffset": 0,
  "connections": 56,
  "proxy": "",
  "difficulty": 163491654908.9593,
  "testnet": false,
  "relayfee": 0.00001000,
  "errors": ""
}
root@ledzeppelin:~#

I hope by doing this my node will not relay the peers that are not serious in maintaining the integrity of Bitcoin network.
theymos
Administrator
Legendary
*
Offline Offline

Activity: 5180
Merit: 12884


View Profile
February 29, 2016, 03:22:23 PM
 #5
I think that BitcoinJ-based wallets (ie. most lightweight wallets) always send us=127.0.0.1. Probably most of them are real users.
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
Pages: [1]
  Print  
Bitcoin Forum > Bitcoin > Bitcoin Technical Support > Invalid IP addresses on "receive version message" on debug.log
 « previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!