IP address parsing fails when address contains port number suffix

[bg241]

Scenario:

Azure Application Gateway relays traffic to an Apache web server. Apache web server has GeoIP module installed, and is being configured to block web requests by requestor country.

Apache web server configured as follows:

LoadModule geoip_module     /usr/lib/apache2/modules/mod_geoip.so
<IfModule mod_geoip.c>
    GeoIPEnable On
    GeoIPDBFile /usr/share/GeoIP/GeoIP.dat
    GeoIPUseLastXForwardedForIP On
    GeoIPOutput Env
    GeoIPScanProxyHeaders On
</IfModule>

The issue:

When you make a web request and view Apache access log entries, it can be observed the X-Forwarded-For variable (first token in the access log entry) contains an IP address with a port number.

Similarly, when view the Apache environment variables on a page request, you see the following:

It can be observed the that the X-Forwarded-For IP address contains a port number suffix (e.g. :55220). Consequently, the GEOIP_ADDR has the same suffix appended on the IP Address. As a result, the module fails to parse this IP address and fails to also identify GEOIP_COUNTRY_CODE and other GEOIP variables. Therefore, we're unable to write Apache rules to take certain actions based on the requesting user's country.

[bg241]

Apologies - lodged against wrong project