matiasgarciaisaia
commented
2 months ago I've done some quick local tests, and here this conn.remote_ip is the reverse proxy's one - but we have the X-Forwarded-For header present in the conn, so we should use that instead:
Local request (using dockerdev)
app-1 | 2024-04-24T19:31:29.898Z request_id=F8lOLVYWVPy2524AAB_D [warn] Here's a conn we received:
app-1 | %Plug.Conn{
app-1 | adapter: {Plug.Cowboy.Conn, :...},
app-1 | assigns: %{
app-1 | current_user: %Ask.User{
app-1 | __meta__: #Ecto.Schema.Metadata<:loaded, "users">,
app-1 | channels: #Ecto.Association.NotLoaded,
app-1 | confirmation_sent_at: nil,
app-1 | confirmation_token: nil,
app-1 | confirmed_at: nil,
app-1 | current_password: nil,
app-1 | email: "mgarcia@manas.com.ar",
app-1 | id: 1,
app-1 | inserted_at: ~U[2024-04-24 19:31:15Z],
app-1 | name: "",
app-1 | oauth_tokens: #Ecto.Association.NotLoaded,
app-1 | password: nil,
app-1 | password_confirmation: nil,
app-1 | password_hash: "$2b$12$F/aI3s4KuhUg.IVHZ5WR1ehUK.mAzO85dFEwwKqBssN/DKN20XJC2",
app-1 | project_memberships: #Ecto.Association.NotLoaded,
app-1 | projects: #Ecto.Association.NotLoaded,
app-1 | remember_created_at: nil,
app-1 | reset_password_sent_at: nil,
app-1 | reset_password_token: nil,
app-1 | settings: %{},
app-1 | updated_at: ~U[2024-04-24 19:31:15Z]
app-1 | }
app-1 | },
app-1 | body_params: %{"survey" => %{"generates_panel_survey" => false}},
app-1 | cookies: %{
app-1 | "_ask_key" => "SFMyNTY.g3QAAAAEbQAAAAtfY3NyZl90b2tlbm0AAAAYc1lSV2s2TFRvQTdDN2kzWWZUUGY1UT09bQAAAAxjbGllbnRfc3RhdGV0AAAAAmQACWNsaWVudF9pZG0AAAAQQXlDNk9EQVFJY3UyU2c9PWQACHJlZGlyZWN0ZAADbmlsbQAAAAxzZXNzaW9uX2F1dGhtAAAAJDM3OTgwMzc4LTAyNzEtMTFlZi1hMjQxLTAyNDJhYzEyMDAwM20AAAAOdXNlcl9yZXR1cm5fdG9kAANuaWw.S77RRfh85nANMM5pqMnqrELHPWpFzoGzwkh2d4zwRUI",
app-1 | "_ga" => "GA1.1.1550521521.1713380373",
app-1 | "_ga_699NE13B0K" => "GS1.1.1713986843.3.0.1713986843.0.0.0"
app-1 | },
app-1 | halted: false,
app-1 | host: "app.surveda.lvh.me",
app-1 | method: "POST",
app-1 | owner: #PID<0.1354.0>,
app-1 | params: %{
app-1 | "project_id" => "1",
app-1 | "survey" => %{"generates_panel_survey" => false}
app-1 | },
app-1 | path_info: ["api", "v1", "projects", "1", "surveys"],
app-1 | path_params: %{"project_id" => "1"},
app-1 | port: 80,
app-1 | private: %{
app-1 | AskWeb.Router => {[], %{Plug.Swoosh.MailboxPreview => ["mailbox"]}},
app-1 | :before_send => [#Function<2.60763813/1 in Phoenix.Controller.fetch_flash/2>,
app-1 | #Function<0.29283909/1 in Plug.Session.before_send/2>,
app-1 | #Function<1.73153509/1 in Plug.Logger.call/2>,
app-1 | #Function<0.106162560/1 in Phoenix.LiveReloader.before_send_inject_reloader/3>],
app-1 | :phoenix_action => :create,
app-1 | :phoenix_controller => AskWeb.SurveyController,
app-1 | :phoenix_endpoint => AskWeb.Endpoint,
app-1 | :phoenix_flash => %{},
app-1 | :phoenix_format => "json",
app-1 | :phoenix_layout => {AskWeb.LayoutView, :app},
app-1 | :phoenix_router => AskWeb.Router,
app-1 | :phoenix_view => AskWeb.SurveyView,
app-1 | :plug_session => %{
app-1 | "_csrf_token" => "sYRWk6LToA7C7i3YfTPf5Q==",
app-1 | "client_state" => %{client_id: "AyC6ODAQIcu2Sg==", redirect: nil},
app-1 | "session_auth" => "37980378-0271-11ef-a241-0242ac120003",
app-1 | "user_return_to" => nil
app-1 | },
app-1 | :plug_session_fetch => :done
app-1 | },
app-1 | query_params: %{},
app-1 | query_string: "",
app-1 | remote_ip: {172, 28, 0, 2},
app-1 | req_cookies: %{
app-1 | "_ask_key" => "SFMyNTY.g3QAAAAEbQAAAAtfY3NyZl90b2tlbm0AAAAYc1lSV2s2TFRvQTdDN2kzWWZUUGY1UT09bQAAAAxjbGllbnRfc3RhdGV0AAAAAmQACWNsaWVudF9pZG0AAAAQQXlDNk9EQVFJY3UyU2c9PWQACHJlZGlyZWN0ZAADbmlsbQAAAAxzZXNzaW9uX2F1dGhtAAAAJDM3OTgwMzc4LTAyNzEtMTFlZi1hMjQxLTAyNDJhYzEyMDAwM20AAAAOdXNlcl9yZXR1cm5fdG9kAANuaWw.S77RRfh85nANMM5pqMnqrELHPWpFzoGzwkh2d4zwRUI",
app-1 | "_ga" => "GA1.1.1550521521.1713380373",
app-1 | "_ga_699NE13B0K" => "GS1.1.1713986843.3.0.1713986843.0.0.0"
app-1 | },
app-1 | req_headers: [
app-1 | {"accept", "application/json"},
app-1 | {"accept-encoding", "gzip, deflate"},
app-1 | {"accept-language", "en-GB,en;q=0.5"},
app-1 | {"connection", "close"},
app-1 | {"content-length", "43"},
app-1 | {"content-type", "application/json"},
app-1 | {"cookie",
app-1 | "_ga_699NE13B0K=GS1.1.1713986843.3.0.1713986843.0.0.0; _ga=GA1.1.1550521521.1713380373; _ask_key=SFMyNTY.g3QAAAAEbQAAAAtfY3NyZl90b2tlbm0AAAAYc1lSV2s2TFRvQTdDN2kzWWZUUGY1UT09bQAAAAxjbGllbnRfc3RhdGV0AAAAAmQACWNsaWVudF9pZG0AAAAQQXlDNk9EQVFJY3UyU2c9PWQACHJlZGlyZWN0ZAADbmlsbQAAAAxzZXNzaW9uX2F1dGhtAAAAJDM3OTgwMzc4LTAyNzEtMTFlZi1hMjQxLTAyNDJhYzEyMDAwM20AAAAOdXNlcl9yZXR1cm5fdG9kAANuaWw.S77RRfh85nANMM5pqMnqrELHPWpFzoGzwkh2d4zwRUI"},
app-1 | {"dnt", "1"},
app-1 | {"host", "app.surveda.lvh.me"},
app-1 | {"origin", "http://app.surveda.lvh.me"},
app-1 | {"referer", "http://app.surveda.lvh.me/projects/1/surveys"},
app-1 | {"user-agent",
app-1 | "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:125.0) Gecko/20100101 Firefox/125.0"},
app-1 | {"x-forwarded-for", "192.168.65.1"},
app-1 | {"x-forwarded-proto", "http"},
app-1 | {"x-real-ip", "192.168.65.1"}
app-1 | ],
app-1 | request_path: "/api/v1/projects/1/surveys",
app-1 | resp_body: nil,
app-1 | resp_cookies: %{},
app-1 | resp_headers: [
app-1 | {"cache-control", "max-age=0, private, must-revalidate"},
app-1 | {"x-request-id", "F8lOLVYWVPy2524AAB_D"}
app-1 | ],
app-1 | scheme: :http,
app-1 | script_name: [],
app-1 | secret_key_base: :...,
app-1 | state: :unset,
app-1 | status: nil
app-1 | }
app-1 | 2024-04-24T19:31:29.899Z request_id=F8lOLVYWVPy2524AAB_D [warn] ~~~~~
"Internet" request (using ngrok)
app-1 | 2024-04-24T19:36:19.946Z request_id=F8lOcOH5bBWgZ3MAAEXh [warn] Here's a conn we received:
app-1 | %Plug.Conn{
app-1 | adapter: {Plug.Cowboy.Conn, :...},
app-1 | assigns: %{
app-1 | current_user: %Ask.User{
app-1 | __meta__: #Ecto.Schema.Metadata<:loaded, "users">,
app-1 | channels: #Ecto.Association.NotLoaded,
app-1 | confirmation_sent_at: nil,
app-1 | confirmation_token: nil,
app-1 | confirmed_at: nil,
app-1 | current_password: nil,
app-1 | email: "mgarcia@manas.com.ar",
app-1 | id: 1,
app-1 | inserted_at: ~U[2024-04-24 19:31:15Z],
app-1 | name: "",
app-1 | oauth_tokens: #Ecto.Association.NotLoaded,
app-1 | password: nil,
app-1 | password_confirmation: nil,
app-1 | password_hash: "$2b$12$F/aI3s4KuhUg.IVHZ5WR1ehUK.mAzO85dFEwwKqBssN/DKN20XJC2",
app-1 | project_memberships: #Ecto.Association.NotLoaded,
app-1 | projects: #Ecto.Association.NotLoaded,
app-1 | remember_created_at: nil,
app-1 | reset_password_sent_at: nil,
app-1 | reset_password_token: nil,
app-1 | settings: %{},
app-1 | updated_at: ~U[2024-04-24 19:31:15Z]
app-1 | }
app-1 | },
app-1 | body_params: %{"survey" => %{"generates_panel_survey" => false}},
app-1 | cookies: %{
app-1 | "_ask_key" => "SFMyNTY.g3QAAAADbQAAAAtfY3NyZl90b2tlbm0AAAAYZzlpdG1XckItVWpid1dnbEhRTWRuc0FxbQAAAAxjbGllbnRfc3RhdGV0AAAAAmQACWNsaWVudF9pZG0AAAAQVlFsNGkrU0lsMHBiS3c9PWQACHJlZGlyZWN0ZAADbmlsbQAAAAxzZXNzaW9uX2F1dGhtAAAAJGU0OWI1MTljLTAyNzEtMTFlZi1iOGQyLTAyNDJhYzEyMDAwMw.VhpPuyUCyHERzpUv3R59xD8zQgEVbMrJ4cphKDXwkSQ"
app-1 | },
app-1 | halted: false,
app-1 | host: "5f83-181-45-244-38.ngrok-free.app",
app-1 | method: "POST",
app-1 | owner: #PID<0.2208.0>,
app-1 | params: %{
app-1 | "project_id" => "1",
app-1 | "survey" => %{"generates_panel_survey" => false}
app-1 | },
app-1 | path_info: ["api", "v1", "projects", "1", "surveys"],
app-1 | path_params: %{"project_id" => "1"},
app-1 | port: 80,
app-1 | private: %{
app-1 | AskWeb.Router => {[], %{Plug.Swoosh.MailboxPreview => ["mailbox"]}},
app-1 | :before_send => [#Function<2.60763813/1 in Phoenix.Controller.fetch_flash/2>,
app-1 | #Function<0.29283909/1 in Plug.Session.before_send/2>,
app-1 | #Function<1.73153509/1 in Plug.Logger.call/2>,
app-1 | #Function<0.106162560/1 in Phoenix.LiveReloader.before_send_inject_reloader/3>],
app-1 | :phoenix_action => :create,
app-1 | :phoenix_controller => AskWeb.SurveyController,
app-1 | :phoenix_endpoint => AskWeb.Endpoint,
app-1 | :phoenix_flash => %{},
app-1 | :phoenix_format => "json",
app-1 | :phoenix_layout => {AskWeb.LayoutView, :app},
app-1 | :phoenix_router => AskWeb.Router,
app-1 | :phoenix_view => AskWeb.SurveyView,
app-1 | :plug_session => %{
app-1 | "_csrf_token" => "g9itmWrB-UjbwWglHQMdnsAq",
app-1 | "client_state" => %{client_id: "VQl4i+SIl0pbKw==", redirect: nil},
app-1 | "session_auth" => "e49b519c-0271-11ef-b8d2-0242ac120003"
app-1 | },
app-1 | :plug_session_fetch => :done
app-1 | },
app-1 | query_params: %{},
app-1 | query_string: "",
app-1 | remote_ip: {172, 18, 0, 4},
app-1 | req_cookies: %{
app-1 | "_ask_key" => "SFMyNTY.g3QAAAADbQAAAAtfY3NyZl90b2tlbm0AAAAYZzlpdG1XckItVWpid1dnbEhRTWRuc0FxbQAAAAxjbGllbnRfc3RhdGV0AAAAAmQACWNsaWVudF9pZG0AAAAQVlFsNGkrU0lsMHBiS3c9PWQACHJlZGlyZWN0ZAADbmlsbQAAAAxzZXNzaW9uX2F1dGhtAAAAJGU0OWI1MTljLTAyNzEtMTFlZi1iOGQyLTAyNDJhYzEyMDAwMw.VhpPuyUCyHERzpUv3R59xD8zQgEVbMrJ4cphKDXwkSQ"
app-1 | },
app-1 | req_headers: [
app-1 | {"accept", "application/json"},
app-1 | {"accept-encoding", "gzip, deflate, br"},
app-1 | {"accept-language", "en-GB,en;q=0.5"},
app-1 | {"content-length", "43"},
app-1 | {"content-type", "application/json"},
app-1 | {"cookie",
app-1 | "_ask_key=SFMyNTY.g3QAAAADbQAAAAtfY3NyZl90b2tlbm0AAAAYZzlpdG1XckItVWpid1dnbEhRTWRuc0FxbQAAAAxjbGllbnRfc3RhdGV0AAAAAmQACWNsaWVudF9pZG0AAAAQVlFsNGkrU0lsMHBiS3c9PWQACHJlZGlyZWN0ZAADbmlsbQAAAAxzZXNzaW9uX2F1dGhtAAAAJGU0OWI1MTljLTAyNzEtMTFlZi1iOGQyLTAyNDJhYzEyMDAwMw.VhpPuyUCyHERzpUv3R59xD8zQgEVbMrJ4cphKDXwkSQ"},
app-1 | {"dnt", "1"},
app-1 | {"host", "5f83-181-45-244-38.ngrok-free.app"},
app-1 | {"origin", "https://5f83-181-45-244-38.ngrok-free.app"},
app-1 | {"referer", "https://5f83-181-45-244-38.ngrok-free.app/projects/1/surveys"},
app-1 | {"sec-fetch-dest", "empty"},
app-1 | {"sec-fetch-mode", "cors"},
app-1 | {"sec-fetch-site", "same-origin"},
app-1 | {"te", "trailers"},
app-1 | {"user-agent",
app-1 | "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:125.0) Gecko/20100101 Firefox/125.0"},
app-1 | {"x-forwarded-for", "181.45.244.38"},
app-1 | {"x-forwarded-host", "5f83-181-45-244-38.ngrok-free.app"},
app-1 | {"x-forwarded-proto", "https"}
app-1 | ],
app-1 | request_path: "/api/v1/projects/1/surveys",
app-1 | resp_body: nil,
app-1 | resp_cookies: %{},
app-1 | resp_headers: [
app-1 | {"cache-control", "max-age=0, private, must-revalidate"},
app-1 | {"x-request-id", "F8lOcOH5bBWgZ3MAAEXh"}
app-1 | ],
app-1 | scheme: :http,
app-1 | script_name: [],
app-1 | secret_key_base: :...,
app-1 | state: :unset,
app-1 | status: nil
app-1 | }
app-1 | 2024-04-24T19:36:19.947Z request_id=F8lOcOH5bBWgZ3MAAEXh [warn] ~~~~~
You can see my public IP 181.45.244.38 in that last example.
In the country instances we're using, Surveda's Activity Log is recording internal Docker IPs (
10.42.133.167) instead of the user's actual public IP address.