Closed vinnyperella closed 1 year ago
Hi there!
Thank you for your report, it seems like it is a duplicate of this one: https://github.com/bitwarden/server/issues/2908
If you wish to add any further information/screenshots/recordings etc., please feel free to do so at any time in there - our engineering team will be happy to review these.
This issue will now be closed.
Thanks!
I don't know when this stopped working I know for a fact it worked at some point but I had just noticed recently the container IP address is shown in the identity logs rather than the real client IP address. The container IP address is also prepended with "::ffff:" which appears to be "an IPv4 address placed inside an IPv6 space" according to what I've found online. This is not my post but closely describes the problem I am seeing: https://community.bitwarden.com/t/identity-log-still-showing-container-ip-instead-of-real-ip/12836
I've configured the real_ips parameter in config.yml correctly (has not changed since it stopped working).
I've verified they are added to the nginx default.conf and that the header "X-Forwarded-For" is set (I assume this is done when you perform a rebuild).
172.16.0.0/12 should cover any IP address the container gets assigned (172.16.0.0 - 172.31.255.255).
When I trigger a failed login this is what I see in the identity logs.
2023-05-16 12:06:45.345 -04:00 [Warning] Failed login attempt. ::ffff:172.20.0.9
And this is what I see in the nginx access.log which shows the real IPv4 address of the client.
I have a hunch this is due to the "::ffff:" prefix I'm not sure if that was present when I first set up fail2ban I have IPv6 disabled on my host that's running bitwarden. I've tried commenting out the IPv6 listeners in the nginx config but I still get the same result.
Looking for some guidance I've tried to investigate this myself for the past couple weeks and have not made any progress. Perhaps there's some config parameter I can change to get the real IP address again. I found an email generated by fail2ban back in November 2022 banning an IP for Bitwarden failed login so I know this worked and I have not changed anything on my end so I assume something with Bitwarden/docker/etc changed.