Wrong IP Address

Question

Wrong IP Address

drveresh opened this issue 4 years ago · 3 comments

Hi,

I am using this with Cloud Functions on Firebase/GCP, but it is picking the wrong IP address.

The HTTP headers captured in the CF logs contains below:
{
"x-forwarded-for": "77.234.44.175,66.102.8.142",
"remote": "::ffff:169.254.8.129"
},

There, the IP 66.102.8.142 is the address of the server where it is deployed (CF instance), the IP "77.234.44.175" is the real client IP address who hit that request, and this IP filter should work based on client IP. Instead, it is taking "::ffff:169.254.8.129", and blocking all requests from every other IP address. I guess it's a bug.

Also, can you please give us an API or option to specify which field to refer to in the HTTP header?

Thanks.

Answer 1 · 2020-11-15T11:29:24.000Z

@jetersen, for the broader use case - https://stackoverflow.com/questions/17178908/is-there-a-way-to-prevent-certain-ip-to-connects-with-my-node-js-net-server

Answer 2 · 2020-11-15T11:32:08.000Z

Pull request are welcome.

Answer 3 · 2022-08-03T12:01:41.000Z

@drveresh you can create your own IP detection function:

let allowlist_ips = ['127.0.0.1']

let clientIp = function(req, res) {
  return req.headers['x-forwarded-for'] ? (req.headers['x-forwarded-for']).split(',')[0] : "" // this should pick the first x-forwarded-for ip address
}
  
app.use(
  ipFilter({
    detectIp: clientIp,
    forbidden: 'You are not authorized to access this page.',
    filter: allowlist_ips,
  })
)