Open crosesvg opened 1 year ago
can confirm This reddit user has also come to the same conclusion: https://www.reddit.com/r/nginxproxymanager/comments/110634p/comment/j8lc9cj/?utm_source=share&utm_medium=web2x&context=3
Having the same issue. adding
location = / { allow 192.168.0.0/24; deny all; }
manually to the advanced settings resolves the issue, so it seems like the access lists arent properly inserting it
Try to check(box) "Satisfy any" [x]
I had issues with HTTP Basic Auth as well, but this made sure it satisfied on IP-restrictions only.
I had tried this and it did not work
On Sat, Oct 21, 2023, 11:53 PM dezza @.***> wrote:
Try to check(box) "Satisfy any" [x]
I had issues with HTTP Basic Auth as well, but this made sure it satisfied on IP-restrictions only.
— Reply to this email directly, view it on GitHub https://github.com/NginxProxyManager/nginx-proxy-manager/issues/3002#issuecomment-1773985765, or unsubscribe https://github.com/notifications/unsubscribe-auth/AHANMY2IR2VIQUEZA6LRINTYASKB5AVCNFSM6AAAAAAZJEBKEKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTONZTHE4DKNZWGU . You are receiving this because you commented.Message ID: @.***>
I had tried this and it did not work
Ok! Well maybe try with a new entry so you're sure a new file is being created.
I couldn't get the basic auth working, not sure why, it showed my user and an excerpt (3 letters or so) of the password for login, but this login never worked in basic auth, so not sure what was wrong..
Btw the issue with not seeing the correct source IP is easily resolved by running the container with --network=slirp4netns:port_handler=slirp4netns
Issue is now considered stale. If you want to keep it open, please comment :+1:
Checklist
jc21/nginx-proxy-manager:latest
docker image?Describe the bug Access lists do not work as all connections are seen to originate from the containers gateway address
Nginx Proxy Manager Version v2.10.3
To Reproduce Steps to reproduce the behavior: Configure an Access list to: allow traffic from local networks (e.g. 192.168.0.0/16) Deny traffic from all Assign the access list to a proxy host Attempt to access the proxy host
Expected behavior Traffic originating from 192.168.0.0/16 networks are granted access Traffic originating from other internal/external networks are denied
Actual behavior Traffic from 192.168.0.0/16 networks are denied access if the access list is updated to include 172.16.0.0/16 (e.g. the subnet/ip address of the docker container/gateway) then connections are allowed from all networks (as all requests are seen to originate from the subnet that the container/gateway resides in)
Operating System Docker desktop/WSL on Windows