(opens in new tab)

(1.0.0.1)

130 pointsphineyes3y ago86 comments

86 comments

  $ man 3 inet_aton

  […]

   inet_aton() converts the Internet host address cp from the IPv4
   numbers-and-dots notation into binary form (in network byte order)
   and stores it in the structure that inp points to.  inet_aton()
   returns nonzero if the address is valid, zero if not.  The address
   supplied in cp can have one of the following forms:

   a.b.c.d   Each of the four numeric parts specifies a byte  of  the
             address;  the bytes are assigned in left-to-right order
             to produce the binary address.

   a.b.c     Parts a and b specify the first two bytes of the  binary
             address.   Part c is interpreted as a 16-bit value that
             defines the rightmost two bytes of the binary address.
             This notation is  suitable  for  specifying  (outmoded)
             Class B network addresses.

   a.b       Part a specifies the first byte of the binary address.
             Part b is interpreted as a 24-bit value that defines the
             rightmost three bytes of the binary address.  This
             notation is suitable for specifying (outmoded) Class A
             network addresses.

   a         The  value  a is interpreted as a 32-bit value that is
             stored directly into the binary address without any byte
             rearrangement.

   In all of the above forms, components of the dotted address can be
   specified in decimal, octal (with a leading 0), or hexadecimal,
   with a leading 0X).  Addresses in any of these forms are
   collectively termed IPV4 numbers-and-dots notation.  The form that
   uses exactly four decimal numbers is referred to as IPv4 dotted-
   decimal notation (or sometimes: IPv4 dotted-quad notation).

— https://manpages.debian.org/stable/manpages-dev/inet_aton.3....

larschdk3y ago

This is just a convention from BSD, and is not even POSIX compliant. However, 'ping 1.1' is a convenient shortcut (actually pings 1.0.0.1). iproute2 and systemd do not use inet_aton and don't follow this BSD4.2 convention and instead parse it as '1.1.0.0' or not at all.

gunapologist993y ago

It is part of POSIX:

https://github.com/golang/go/issues/36822#issuecomment-57938...

Also RFC 3986.

badrabbit3y ago

I saw someone ping 127.1 a while back and I was so surprised I didn't know about this even after a few years in networking in the past.

1 more reply

oleganza3y ago

(Not to pick on your particular comment, but to highlight a broader issue.)

I feel like convenient shortcuts are becoming hugely inconvenient when a system has hundreds of them. The unlimited amount of unix non-orthogonal options made "for convenience" cannot scale mentally.

xani_3y ago

> However, 'ping 1.1' is a convenient shortcut (actually pings 1.0.0.1).

Convenient for who!? that one guy that put his home network in 10.0.0 class ?

3 more replies

Wannabe13373y ago

You can also try my tool online which obfuscate an ip address. https://wannabe1337.xyz/text-ipobfuscator

ricardobayes3y ago

Is there a legitimate reason why to obfuscate an ip address?

herpderperator3y ago

To get around something that is otherwise blocking it? Seems useful as part of, for example, pentesting.

1 more reply

stanislavb3y ago

I'd suggest - SPAM.

For example, I use the presence of IPs in the URL as a SPAM signal. If one used such an obfuscated URL, they could avoid some of the SPAM filters.

anakaine3y ago

You may want to be aware that your banner ad was advertising layer 4/7 most powerful services.

I'm guessing advertising ddos / stressor services.

ThePowerOfFuet3y ago

They know. The link goes to:

hxxps://cybervm[.]io/?wannabe1337.xyz

tony-allan3y ago

Another way to encode https://1.0.0.1/

mikewarot3y ago

Extending this gets me to https://0xa000001/ which is flagged by chrome as all sorts of evil, even though it's just local address of my cable modem.

jesprenj3y ago

alternatively also http://0x01000001

nonoesp3y ago

Interestingly enough, I can't copy this to the clipboard on iOS. It automatically converts into http://1.0.0.1/.

You have to write it manually.

https://0x1000001

tsimionescu3y ago

Also, https://1.1 and https://1.0.1

TaylorAlexander3y ago

Doesn’t load for me with HTTP, only HTTPS. So your link doesn’t work for me.

2 more replies

dheera3y ago

> The free app that makes your Internet safer.

I don't consider anything closed source to be safe.

> 1.1.1.1 with WARP

WTF is WARP

> Your Internet service provider can see every site and app you use—even if they’re encrypted. Some providers even sell this data, or use it to target you with ads.

OK, fantastic, so instead of handing my ISP all my data, I hand it to ... you?

> the fastest DNS resolver on Earth.

I'm pretty sure that the for the 5 full seconds it takes a site like Gmail that saving 9ms on DNS isn't going to change much.

phineyesOP3y ago

Was more pointing out the numbered hostname, not the service its-self.

16777217 is just the lowest number that corresponds with a routed IP address :)

megous3y ago

It's not. 1 is (0.0.0.1)

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/lin...

1 more reply

WHATDOESIT3y ago

> I don't consider anything closed source to be safe.

Having the source won't help you in any practical way to verify the security of this online service. The app is just a relatively simple connector to a VPN. You need to trust the service/its operator, and at that point you might as well trust that app too.

> OK, fantastic, so instead of handing my ISP all my data, I hand it to ... you?

Exactly right and fantastic indeed. You have to hand it to someone at some point. Having a choice and choosing something like Warp sounds much better than handing out my data to any random unknown ISP wherever I connect to a wifi (especially if I am visiting foreign countries with somewhat harsher network tracking laws) - and some people don't trust their home ISP too but don't have other options.

I'm happy for you that you have a trustable ISP with good opsec who won't betray you. Not everyone does.

They said "safer" not "perfectly safe".

GTP3y ago

Doesn't work on Firefox for Android. Edit: as noted in another comment, it works when removing the final dot.

chris_wot3y ago

Same with Firefox on Ubuntu

Semaphor3y ago

Not working in FF (Desktop stable, win)

messe3y ago

It doesn't work on firefox on mac either, but interestingly, if you remove the final period '.': https://16777217 works.

1 more reply

compsciphd3y ago

there's a dot at the end of the url when you click on it which breaks it

messe3y ago

https://1.0.0.1. works though, so the question is why a final period works for traditionally formatted IPv4 addresses (uint8.uint8.uint8.uint8), but not those formatted as a plain old uint32. If I wasn't jetlagged and a tad drunk I'd dig into it a bit.

I do wonder if there's a typo in the URL that OP intended, because the title is "https://16777217/" whereas the URL is "https://16777217." and . and / are only a key away from each other (at least on my IE/UK ISO layout).

1 more reply

retcore3y ago

RFC 1034 A fully qualified domain name must have a final dot/period after the tld. Adding the dot to a address that isn't resolved via DNS seems to be confusing the lookup.

Edit: leaving the above despite being untrue save semantically. inet_atom just wants byte order addresses dot separated and adding a trailing dot isn't anticipated and returning a error.

gunapologist993y ago

This has been part of POSIX for decades, but not in Golang net yet. :(

https://github.com/golang/go/issues/36822

mudream48693y ago

Golang's url.Parse works :) https://go.dev/play/p/A6O6yrSDrZm

edg-l3y ago

so does rust https://play.rust-lang.org/?version=stable&mode=debug&editio...

gunapologist993y ago

Not for 1.1.

WuRB3u27qAqegA83y ago

I like how variants of this have been discussed on here about 5 times in the last month.

Yes, weird formats that no one has used in about 3 decades (if they even used them then) are still supported. These include just about every way you can think of to encode a 32 bit IP address into between 1-4 groups. Cool.

graypegg3y ago

Did you make a new account just to complain about how you already knew something?

londons_explore3y ago

Warp bypassed government blocked sites in my country (the UK - which blocks RT.com as part of war efforts).

I'm not sure how long they'll be able to run such a service till the government tells them they have to implement site blocking.

sammy22553y ago

The UK is fighting a losing battle. Right now they snoop SNI headers and terminate connections to banned websites. But ECH is ready to be rolled out

silon423y ago

ECH can't be mandatory as many enterprises (that take security seriously) will block it, so they'll also be able to. No?

2 more replies

killingtime743y ago

With the speed of bureaucracy, at least 10 years?

nly3y ago

I'm in the UK and RT.com loads fine.

awaisraad3y ago

does switching to DoH works for you?

londons_explore3y ago

No - the sites are blocked by IP address and give ERR_SSL_PROTOCOL_ERROR when attempting to access them.

jquery3y ago

Very cool, but how does it affect mobile battery life? Is this something I want turned on all the time or best used when traveling?

I want to trust cloudflare here but I am hesitant to enable a VPN on my phone at all times.

Uptrenda3y ago

Is there any good reason to support this notation for URLs? Do you think this format would be faster to parse than regular IPs?

OrangeMonkey3y ago

Its been around since like 1996 at least, likely earlier.

Its A.B.C.D with A255^3 + B255^2 + C255^1 + D255^0.

Used to get around filters a long time ago but broke as most sites host multiple domains and it needs your browsers 'hostname' it sends it as part of the request to actually return the right site/page.

hexomancer3y ago

the 255s should be 256.

1 more reply

blfr3y ago

Nah, pretty sure it's pure netops wankery. I like it though.

aarobot3y ago

For 'google.com':

https://3627733454/

thrdbndndn3y ago

https doesn't work here, http does.

ERR_CERT_AUTHORITY_INVALID

vmoore3y ago

https://9.9.9.9/

pGuitar3y ago

Firefox shows the ip address 1.0.0.1 in the "status bar" when I hover that address

drug53y ago

Interesting. How is this encoded?

tirpen3y ago

It's just the bits of the ip number interpreted as one 32-bit integer instead of four 8-bit integers.

vimda3y ago

It's a decimal encoding of 0x01000001 - 1.0.0.1

OrangeMonkey3y ago

Its A.B.C.D with A255^3 + B255^2 + C255^1 + D255^0.

tirpen3y ago

Almost. Replace all 255 with 256 in the formula.

brassattax3y ago

https://0x1000001

bmon3y ago

similarly, https://1.1

capableweb3y ago

Or, one character shorter: http://ai

Is this maybe the shortest (currently reachable) domain?

stuartd3y ago

Some browsers need a trailing dot - http://ai. - this site was on HN a week or so ago in an article and I guess when they saw the resulting traffic they changed it, used to be the Antilles domain registrar homepage.

jarek833y ago

With Warp on, youtube does not play anything for me.

worldmerge3y ago

How does this work?

jhugo3y ago

IPv4 addresses are 32-bit numbers, the dotted-decimal representation is just a common way to represent those numbers.

throwaway7875443y ago

In particular inet_aton() function considers a single integer to be the 32bit form. Accepts decimal, octal, and hex. https://linux.die.net/man/3/inet_aton

diimdeep3y ago

> ping 1.1

lol, cool

ada19813y ago

What’s the diff between 1.1.1.1 and 1.0.0.1 ?

abeyer3y ago

0.1.1.0? :P

chrismorgan3y ago

1.0.0.1 is faster to write because most places will accept the spelling 1.1 (which is {u8}.{u24} formatting).

jhugo3y ago

They're two distinct IP addresses, but both are anycasted CloudFlare public DNS.

navigate83103y ago

They are the same and redundant fallbacks to each other

Quai3y ago

At home, when accessing my gw, I always use "ssh foo@10.1" to access 10.0.0.1.

mike_d3y ago

65,792

j / k navigate · click thread line to collapse

86 comments

teddyh3y ago

  $ man 3 inet_aton

  […]

   inet_aton() converts the Internet host address cp from the IPv4
   numbers-and-dots notation into binary form (in network byte order)
   and stores it in the structure that inp points to.  inet_aton()
   returns nonzero if the address is valid, zero if not.  The address
   supplied in cp can have one of the following forms:

   a.b.c.d   Each of the four numeric parts specifies a byte  of  the
             address;  the bytes are assigned in left-to-right order
             to produce the binary address.

   a.b.c     Parts a and b specify the first two bytes of the  binary
             address.   Part c is interpreted as a 16-bit value that
             defines the rightmost two bytes of the binary address.
             This notation is  suitable  for  specifying  (outmoded)
             Class B network addresses.

   a.b       Part a specifies the first byte of the binary address.
             Part b is interpreted as a 24-bit value that defines the
             rightmost three bytes of the binary address.  This
             notation is suitable for specifying (outmoded) Class A
             network addresses.

   a         The  value  a is interpreted as a 32-bit value that is
             stored directly into the binary address without any byte
             rearrangement.

   In all of the above forms, components of the dotted address can be
   specified in decimal, octal (with a leading 0), or hexadecimal,
   with a leading 0X).  Addresses in any of these forms are
   collectively termed IPV4 numbers-and-dots notation.  The form that
   uses exactly four decimal numbers is referred to as IPv4 dotted-
   decimal notation (or sometimes: IPv4 dotted-quad notation).

— https://manpages.debian.org/stable/manpages-dev/inet_aton.3....

larschdk3y ago

gunapologist993y ago

It is part of POSIX:

https://github.com/golang/go/issues/36822#issuecomment-57938...

Also RFC 3986.

badrabbit3y ago

I saw someone ping 127.1 a while back and I was so surprised I didn't know about this even after a few years in networking in the past.

1 more reply

oleganza3y ago

(Not to pick on your particular comment, but to highlight a broader issue.)

I feel like convenient shortcuts are becoming hugely inconvenient when a system has hundreds of them. The unlimited amount of unix non-orthogonal options made "for convenience" cannot scale mentally.

xani_3y ago

> However, 'ping 1.1' is a convenient shortcut (actually pings 1.0.0.1).

Convenient for who!? that one guy that put his home network in 10.0.0 class ?

3 more replies

Wannabe13373y ago

You can also try my tool online which obfuscate an ip address. https://wannabe1337.xyz/text-ipobfuscator

ricardobayes3y ago

Is there a legitimate reason why to obfuscate an ip address?

herpderperator3y ago

To get around something that is otherwise blocking it? Seems useful as part of, for example, pentesting.

1 more reply

stanislavb3y ago

I'd suggest - SPAM.

For example, I use the presence of IPs in the URL as a SPAM signal. If one used such an obfuscated URL, they could avoid some of the SPAM filters.

anakaine3y ago

You may want to be aware that your banner ad was advertising layer 4/7 most powerful services.

I'm guessing advertising ddos / stressor services.

ThePowerOfFuet3y ago

They know. The link goes to:

hxxps://cybervm[.]io/?wannabe1337.xyz

tony-allan3y ago

Another way to encode https://1.0.0.1/

mikewarot3y ago

Extending this gets me to https://0xa000001/ which is flagged by chrome as all sorts of evil, even though it's just local address of my cable modem.

jesprenj3y ago

alternatively also http://0x01000001

nonoesp3y ago

Interestingly enough, I can't copy this to the clipboard on iOS. It automatically converts into http://1.0.0.1/.

You have to write it manually.

https://0x1000001

tsimionescu3y ago

Also, https://1.1 and https://1.0.1

TaylorAlexander3y ago

Doesn’t load for me with HTTP, only HTTPS. So your link doesn’t work for me.

2 more replies

dheera3y ago

> The free app that makes your Internet safer.

I don't consider anything closed source to be safe.

> 1.1.1.1 with WARP

WTF is WARP

> Your Internet service provider can see every site and app you use—even if they’re encrypted. Some providers even sell this data, or use it to target you with ads.

OK, fantastic, so instead of handing my ISP all my data, I hand it to ... you?

> the fastest DNS resolver on Earth.

I'm pretty sure that the for the 5 full seconds it takes a site like Gmail that saving 9ms on DNS isn't going to change much.

phineyesOP3y ago

Was more pointing out the numbered hostname, not the service its-self.

16777217 is just the lowest number that corresponds with a routed IP address :)

megous3y ago

It's not. 1 is (0.0.0.1)

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/lin...

1 more reply

WHATDOESIT3y ago

> I don't consider anything closed source to be safe.

> OK, fantastic, so instead of handing my ISP all my data, I hand it to ... you?

I'm happy for you that you have a trustable ISP with good opsec who won't betray you. Not everyone does.

They said "safer" not "perfectly safe".

GTP3y ago

Doesn't work on Firefox for Android. Edit: as noted in another comment, it works when removing the final dot.

chris_wot3y ago

Same with Firefox on Ubuntu

Semaphor3y ago

Not working in FF (Desktop stable, win)

messe3y ago

It doesn't work on firefox on mac either, but interestingly, if you remove the final period '.': https://16777217 works.

1 more reply

compsciphd3y ago

there's a dot at the end of the url when you click on it which breaks it

messe3y ago

1 more reply

retcore3y ago

RFC 1034 A fully qualified domain name must have a final dot/period after the tld. Adding the dot to a address that isn't resolved via DNS seems to be confusing the lookup.

Edit: leaving the above despite being untrue save semantically. inet_atom just wants byte order addresses dot separated and adding a trailing dot isn't anticipated and returning a error.

gunapologist993y ago

This has been part of POSIX for decades, but not in Golang net yet. :(

https://github.com/golang/go/issues/36822

mudream48693y ago

Golang's url.Parse works :) https://go.dev/play/p/A6O6yrSDrZm

edg-l3y ago

so does rust https://play.rust-lang.org/?version=stable&mode=debug&editio...

gunapologist993y ago

Not for 1.1.

WuRB3u27qAqegA83y ago

I like how variants of this have been discussed on here about 5 times in the last month.

graypegg3y ago

Did you make a new account just to complain about how you already knew something?

londons_explore3y ago

Warp bypassed government blocked sites in my country (the UK - which blocks RT.com as part of war efforts).

I'm not sure how long they'll be able to run such a service till the government tells them they have to implement site blocking.

sammy22553y ago

The UK is fighting a losing battle. Right now they snoop SNI headers and terminate connections to banned websites. But ECH is ready to be rolled out

silon423y ago

ECH can't be mandatory as many enterprises (that take security seriously) will block it, so they'll also be able to. No?

2 more replies

killingtime743y ago

With the speed of bureaucracy, at least 10 years?

nly3y ago

I'm in the UK and RT.com loads fine.

awaisraad3y ago

does switching to DoH works for you?

londons_explore3y ago

No - the sites are blocked by IP address and give ERR_SSL_PROTOCOL_ERROR when attempting to access them.

jquery3y ago

Very cool, but how does it affect mobile battery life? Is this something I want turned on all the time or best used when traveling?

I want to trust cloudflare here but I am hesitant to enable a VPN on my phone at all times.

Uptrenda3y ago

Is there any good reason to support this notation for URLs? Do you think this format would be faster to parse than regular IPs?

OrangeMonkey3y ago

Its been around since like 1996 at least, likely earlier.

Its A.B.C.D with A255^3 + B255^2 + C255^1 + D255^0.

hexomancer3y ago

the 255s should be 256.

1 more reply

blfr3y ago

Nah, pretty sure it's pure netops wankery. I like it though.

aarobot3y ago

For 'google.com':

https://3627733454/

thrdbndndn3y ago

https doesn't work here, http does.

ERR_CERT_AUTHORITY_INVALID

vmoore3y ago

https://9.9.9.9/

pGuitar3y ago

Firefox shows the ip address 1.0.0.1 in the "status bar" when I hover that address

drug53y ago

Interesting. How is this encoded?

tirpen3y ago

It's just the bits of the ip number interpreted as one 32-bit integer instead of four 8-bit integers.

vimda3y ago

It's a decimal encoding of 0x01000001 - 1.0.0.1

OrangeMonkey3y ago

Its A.B.C.D with A255^3 + B255^2 + C255^1 + D255^0.

tirpen3y ago

Almost. Replace all 255 with 256 in the formula.

brassattax3y ago

https://0x1000001

bmon3y ago

similarly, https://1.1

capableweb3y ago

Or, one character shorter: http://ai

Is this maybe the shortest (currently reachable) domain?

stuartd3y ago

jarek833y ago

With Warp on, youtube does not play anything for me.

worldmerge3y ago

How does this work?

jhugo3y ago

IPv4 addresses are 32-bit numbers, the dotted-decimal representation is just a common way to represent those numbers.

throwaway7875443y ago

In particular inet_aton() function considers a single integer to be the 32bit form. Accepts decimal, octal, and hex. https://linux.die.net/man/3/inet_aton

diimdeep3y ago

> ping 1.1

lol, cool

ada19813y ago

What’s the diff between 1.1.1.1 and 1.0.0.1 ?

abeyer3y ago

0.1.1.0? :P

chrismorgan3y ago

1.0.0.1 is faster to write because most places will accept the spelling 1.1 (which is {u8}.{u24} formatting).

jhugo3y ago

They're two distinct IP addresses, but both are anycasted CloudFlare public DNS.

navigate83103y ago

They are the same and redundant fallbacks to each other

Quai3y ago

At home, when accessing my gw, I always use "ssh foo@10.1" to access 10.0.0.1.

mike_d3y ago

65,792

j / k navigate · click thread line to collapse