search

m1k1o / neko

A self hosted virtual browser that runs in docker and uses WebRTC.
https://neko.m1k1o.net/
Apache License 2.0
5.95k stars 449 forks source link

IP ban on one person bans everyone #341

Closed SpiderSuave closed 7 months ago

SpiderSuave commented 8 months ago

Hi,

Doing an IP ban on just one person prevents anyone at all from logging in no matter their IP address, including administrators. They all get the ban message at the login. Anyone who then leaves the room also cannot reenter, getting the same ban message.

This was tried with several users and I tested it myself with a different IP address. A single ban just bans all addresses.

Thanks.

m1k1o commented 8 months ago

Do you use neko directly or behind a reverse proxy? Because if you use reverse proxy and it's not exposing the real clients IP, with each ban you actually ban the reverse proxy thus all users.

SpiderSuave commented 8 months ago

Hello and thank you. I'm running Neko with Neko-Rooms (using the install script) on a Linode VPS with Ubuntu 23.04 and there's no proxy setting that I know of after checking, but maybe I'm missing something. Any suggestion on what I should look for there that could be the culprit? Thanks again for your help.

m1k1o commented 8 months ago

You could enable debug mode and see in logs what client's IP address you see there.

SpiderSuave commented 7 months ago

Hello again. On the VPS I'm using, Linode, according to the tech there, apparently there's no such log file to check for IP addresses connecting, but they also assured me that IP addresses of clients should be visible to my Linode since it's not behind a NodeBalance, and should be visible to Neko. They're figuring it's something I have misconfigured in Neko that is blocking wildcard address 0.0.0.0/32. Please, can you think of anything I could check in Neko that might be causing this? Thank you for any help. Much appreciated.

SpiderSuave commented 7 months ago

I just tried now on a different VPS, Vultr, and it still does the same problem. IP ban on a user bans any incoming connection at all and no new person and log in to Neko. Do I need to change the hostname or DNS or maybe something else in Neko-Rooms? Thanks for any help.

SpiderSuave commented 7 months ago

Okay, the IP ban function is working fine using standalone Neko, but not with Neko-Rooms, so the problem is in the Neko-Rooms default config.

m1k1o commented 7 months ago

Moved to https://github.com/m1k1o/neko-rooms/issues/107