Hi,
We have developped encap to check IP address validity.
Incoming IP address is stored into a variable "requestIP", which can be either request.tcp.remoteHost, or if XFF header present, from this header (if gateway is behind web proxy).
It happens a few times where there seem to be a problem with this variable
having its value changed inside a loop, which seems, at first, impossible.
Code:
Audit events when loop failing, e.g. couldnt find address 83.167.141.238 as "whitelisted", from IP list:
83.167.141.238/32
7.24.161.98/24
7.26.244.67/24
168.124.12.205/24
You can see indeed that "requestIP" seems to have changed value, or that "All access to IP" is doing internally something weird.
Incoming address on this API was indeed 83.167.141.238 but loop failed to validate it as for an unknown reason incoming IP was first set to 52.97.162.109, which is in fact another IP address used by another API.
Allowed IP parameters:
What is wrong here ?