Blog Documentation Try Vanilla Cloud
Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Options

LastIPAddress in table user shows interal NAT address

GaryFunkGaryFunk Senior Application Developer ✭✭
in Vanilla 2.0 - 2.8

I am running 2.1a33.

I notice when I logon with my laptop from work, my IP address gets saved as the internal NAT address. A check of the webserver logs shows the correct IP address I am connecting from but this address does not get recorded to the AllIPAddresses.

Is this a bug or have I broken some code?

Comments

  • Options
    peregrineperegrine MVP
    edited December 2012

    probably related to HTTP_X_FORWARDED_FOR

    not an answer but...

    I'm just curious does it return a private ip (if your intranet is in this range).

     10.0.0.0        -   10.255.255.255  (10/8 prefix)   
 172.16.0.0      -   172.31.255.255  (172.16/12 prefix)   
 192.168.0.0     -   192.168.255.255 (192.168/16 prefix)

    and what does it show for the lastipaddress?

    what does it show from here, when logged in from work.

    http://www.auditmypc.com/digital-footprint.asp

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

  • Options
    GaryFunkGaryFunk Senior Application Developer ✭✭

    Yes, 192.168.X.X The funny thing, is, if I use my work computer it returns the WAN address and not the 10.X.X.X address. The BIG difference is the work computer is behind a very secure firewall. I think it might to be javascript, but just guessing.

  • Options
    peregrineperegrine MVP
    edited December 2012

    by wan wide area network address do you mean address after translation or ip of firewall.

    it all is figured out via

    class.request.php

    not really giving you an answer but that's where it is done.

    the way your laptop and work computer "work" could be related to the method of nat translation, pooling, etc on firewall or router.

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

  • Options
    GaryFunkGaryFunk Senior Application Developer ✭✭

    By WAN, I mean the real world IP address. The one that ends at the firewall. Vanilla recording the NAT address is useless. That address cannot be traced.

  • Options
    peregrineperegrine MVP
    edited December 2012

    @GaryFunk said:
    By WAN, I mean the real world IP address. The one that ends at the firewall. Vanilla recording the NAT address is useless. That address cannot be traced.

    :) you mean by looking at the webserver logs they can't identify one address (firewall ip) and then pinpointing you at the organization by the the private nat address.

    it might serve some purpose in the case of forwarding or proxies.

    I see what you mean, thats why I was wondering what the values for the other ip addresses were in lastipaddress, insertipaddress, etc.

    I don't have a way to test - but it would probably be worth throwing the remote_ip as well as the HTTP_X_FORWARDED_FOR ip into the alliptable for easy identification in case of mischief.

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

  • Options
    GaryFunkGaryFunk Senior Application Developer ✭✭

    At this point it's not a big deal to me, but it is recording the an IP address that is useless to record. I need to post a new discussion dealing with SSO and passwords. Maybe you can figure that one out. ;)

Sign In or Register to comment.