Wrong ip in logs when using multiple balancers (cloudflare+traefik)

[d3xt3r01]

Which version are you using?

v1.5.1

Which operating system are you using?

• [ ] Linux amd64 standard
• [x] Linux amd64 Docker
• [ ] Linux arm64 standard
• [ ] Linux arm64 Docker
• [ ] Linux arm7 standard
• [ ] Linux arm7 Docker
• [ ] Linux arm6 standard
• [ ] Linux arm6 Docker
• [ ] Windows amd64 standard
• [ ] Windows amd64 Docker (WSL backend)
• [ ] macOS amd64 standard
• [ ] macOS amd64 Docker
• [ ] Other (please describe)

Describe the issue

The wrong ip (cloudflare's) shows up in the logs when using an endpoint that's behind cloudflare which points to traefik.

Describe how to replicate the issue

1. start the server
2. have an endpoint in behind cloudflare pointing to a traefik instance
3. have that entrypoint based on some rule point to the mediamtx docker
4. just access a hls/webrtc or whatever, no need to publish anything
5. logs show cloudflare ip instead of the original ip from the list.

Did you attach the server logs?

2024/02/28 15:11:58 INF [HLS] [muxer dji] created (requested by 162.158.18.68) 2024/02/28 15:11:58 DEB [path dji] created 2024/02/28 15:11:58 INF [HLS] [muxer dji] destroyed: no one is publishing to path 'dji' 2024/02/28 15:11:58 DEB [path dji] destroyed: not in use 2024/02/28 15:11:58 DEB [HLS] [conn 172.16.1.2:49994] [s->c] HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: dji.d3x.ro Content-Type: text/plain Server: mediamtx

(body of 18 bytes) 2024/02/28 15:12:00 DEB [HLS] [conn 172.16.1.2:49994] GET /dji/index.m3u8 2024/02/28 15:12:00 DEB [HLS] [conn 172.16.1.2:49994] [c->s] GET /dji/index.m3u8 HTTP/1.1 Host: dji.d3x.ro Accept: / Accept-Encoding: gzip Accept-Language: en-GB,en-US;q=0.9,en;q=0.8,ro-RO;q=0.7,ro;q=0.6 Cdn-Loop: cloudflare Cf-Connecting-Ip: 86.121.161.39 Cf-Ipcountry: RO Cf-Ray: 85c99a751c6e6afe-OTP Cf-Visitor: {"scheme":"https"} Cookie: cf_clearance=yqV7LfMB_u94CeZgLSuPspw6XJW5RXhpVB29_1OgMNE-1709133116-1.0-AU4bHbG/GtmyUsKWSSHBdD3vHE32h48lF49MPtmwUod49odwBaKWyQ0yRRcFNOhAeohc5XzIi0s+sUKHJmvWANU= Dnt: 1 Referer: https://dji.d3x.ro/hls/ Sec-Ch-Ua: "Not A(Brand";v="99", "Google Chrome";v="121", "Chromium";v="121" Sec-Ch-Ua-Mobile: ?0 Sec-Ch-Ua-Platform: "Windows" Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36 X-Forwarded-For: 86.121.161.39, 162.158.18.68 X-Forwarded-Host: dji.d3x.ro X-Forwarded-Port: 443 X-Forwarded-Proto: https X-Forwarded-Server: d99ae4dca9d4 X-Is-Trusted: yes X-Real-Ip: 86.121.161.39 X-Replaced-Path: /hls/index.m3u8

Did you attach a network dump?

no

[d3xt3r01]

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For says the first IP in the list should be used...

X-Forwarded-For: <client>, <proxy1>, <proxy2>