IP address identification not broad enough
| Project: | Drupal |
| Version: | 6.x-dev |
| Component: | base system |
| Category: | bug report |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | patch (code needs review) |
From an email from Benjamin Schrauwen
> As for the 172 issue - this has driven me crazy frankly - has nothing to do with mollom. When I switched hosts about 90 days ago, all of the comments, trackbacks, everything said the 172 address. No one on drupal forums, email support list could seem to help me. Finally my hosting provider told me it's because I am hosted in the cloud and that I have to pass along another code instead of asking for the ip normally. The code is:
> $_SERVER['HTTP_X_CLUSTER_CLIENT_IP']
>
> So I went into trackback module and comment module and changed the code in the actual module. And it started working great immediately - I saw the ip addresses correctly. Then yesterday, I looked again and it's back to 172 again. Now I can't figure out why. Any ideas would be very much appreciated.Yes, getting a correct IP address of a HTTP connection seems to be an
issue all over the place. I found this list of variables which might
hold the visitor's IP address:HTTP_CLIENT_IP
HTTP_X_FORWARDED_FOR
HTTP_X_CLUSTER_CLIENT_IP
HTTP_PROXY_USER
REMOTE_ADDRCould you try too see which works.
With kind regards,
Benjamin.
#1
See also http://drupal.org/node/172364.
#2
This is a problem for Mollom so I came up with a fix for DRUPAL-6 and CVS HEAD.
I don't have a cluster environment so I can't actually test the patch. I doubt anyone has.
#3
*My turn to bump a patch*
#4
Adds a test for the ip address function
#5
Minor style issue: if you have to reroll, please end comments with periods so that they form complete sentences. The variations of IP, ip and Ip should all probably be standardized as IP (I guess).
#6
I've made the changes suggested by Keith and committed the patch to CVS HEAD. The bootstrap.inc part should go into DRUPAL-6 as well as we're not always capturing the right address.
#7
I don't know what happens in a cluster environment, but under normal circumstances this header can be spoofed.
#8
That's right, I'm of the same opinion like John Morahan. If it's a well configured cluster, the real IP should be passed through to the servers behind the proxy. And so, it's their task to perform this step. And I'm also sure that all these servers like APACHE or LIGHTTPD support this feature.
#9
You were right. The brackets were not placed properly. I fixed this in CVS HEAD. Thanks.
#10
Hm, what HEAD? What would be the patch to commit to 6.x?
#11
#12
This one, I guess? This is a combination of #4 (minus the test) and http://cvs.drupal.org/viewvc.py/drupal/drupal/includes/bootstrap.inc?r1=...
#13
Here's one with the style changes from #5 too.