ryanbillingsley / express-ipfilter

A light-weight IP address based connection filtering system
MIT License

Problem when testing for IP addresses that come with a port? #49

Closed jfix closed 7 years ago

jfix commented 7 years ago

Hi, I'm trying to use express-ipfilter to restrict access to a site via whitelisting, on azurewebsites.net which uses IP address forwarding via headers (x-forwarded-for works fine). When testing on Azure, I see these console.log entries:

Access denied to IP address: xx.xx.xx.xx:37442
req.ip: undefined
forw.ip: xx.xx.xx.xx:37442
whitelist: xx.xx.xx.xx

This is how we invoke the ipfilter middleware:

app.use(ipfilter(['::1', '127.0.0.1', process.env.IP_WHITELIST], {
  log: true,
  logLevel: 'all',
  mode: 'allow',
  allowedHeaders: ['x-forwarded-for']
}))

We're using the whitelist mode (mode: 'allow').

The first log entry is clearly the express-ipfilter output. The second line is where we check whether the req object provides an IP address, and then we look for an x-forwarded-for header. The last line is just the contents of the IP whitelist that's stored as an environment variable. By the way, we actually use an IP address range, but the problem also occurs when just using one IP address.

Could there be a problem with the fact that the port is present (and which changes for each request)? Because that's the only reason I can see.

Simulating this locally in the dev environment works fine (with both IPv6 and IPv4 addresses). But here we don't have the port present.

Thanks for any help or guidance.

johngrant commented 7 years ago

I've done a little debugging around this fix. The fix:

if (iputil.isV4Format(ipAddress) && ~ipAddress.indexOf(':')) {
  ipAddress = ipAddress.split(':')[0];
}

but during a debug session these are my results in the debug console:

ipAddress
"127.0.0.1:8000"
iputil.isV4Format(ipAddress)
false

Can someone confirm this and let me know what you would like to do? Thanks!

jfix commented 7 years ago

The problem is with the iputil module (which is actually ip if I remember correctly). See here: https://github.com/baminteractive/express-ipfilter/issues/52

johngrant commented 7 years ago

I see now. I ended up using the custom IP detection function. Thank you!