IP check fails for my own public IP

Torann / laravel-geoip

Determine the geographical location of website visitors based on their IP addresses.

http://lyften.com/projects/laravel-geoip

BSD 2-Clause "Simplified" License

2.11k stars 372 forks source link

IP check fails for my own public IP #128

Open michaeldzjap opened 6 years ago

michaeldzjap commented 6 years ago

I am trying out Laravel Geoip with my own public IP address, but the isValid() method of GeoIP is returning false for some reason, thus bypassing the whole geolocation lookup. I have looked at the definition of isValid() and I have to admit that I am a little confused about its logic checks. In my case

filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)

returns my IP and

filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 | FILTER_FLAG_NO_PRIV_RANGE)

returns false. So I suppose I may conclude that my IP is a valid IPV4 address. What is the purpose of negating each condition and then requiring they are both truthy?

I've also tried to bypass the whole isValid() check so that the request to my geolocation service is actually made (I am using ipstack through a custom service) and this returns a valid response with acceptable geolocation information.

Torann commented 5 years ago

Sounds like you might be testing you local IP and not your public facing one. FILTER_FLAG_NO_RES_RANGE fails validation for the following reserved IPv4 ranges: 0.0.0.0/8, 169.254.0.0/16, 127.0.0.0/8 and 240.0.0.0/4 and the following reserved IPv6 ranges: ::1/128, ::/128,::ffff:0:0/96 and fe80::/10.

michaeldzjap commented 5 years ago

Sounds like you might be testing you local IP and not your public facing one.

No, I am certain that I was using my public IP address. Well, at least the public IP address Google returns when you search for "my IP". I assume that this is the correct public IP address for my machine. However, I decided not to use this library in the end, so this issue can be closed as far as I am concerned.

juhasev commented 4 years ago

I have a same issue and noticed while debugging the code that we have two filters here:

filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE);

filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 | FILTER_FLAG_NO_PRIV_RANGE);

Then in local development environment i.e. docker IP addresses are allocated to private range causing isValid() check to fail. It would be nice to have a config option to accept "private" IP ranges as well. Also internally the API will be set to 127.0.0.1 which is not the same IP given to the library. And of course you silently get the default which makes no sense as nobody ever want to store the default for the user. It would be nice to know if the IP address can be validated or not.

muffaddal commented 4 years ago

Can we test different country Ips through VPN? I have a module where I have to send data on the basis of geoip. i want to test this from different country ips.

srakl commented 7 months ago

How did you get this to work with ipstack? what changes need to be made? michaeldzjap](https://github.com/michaeldzjap)