IPwhitelist middleware errors

lewisd19 · November 28, 2022, 12:45pm

Hello all,

Please pardon me, this is my very first post in here. Ive been tearing my hair out trying to get the IPwhitelist middleware working. Ive searched and I see the previous posts on this and Ive got mine setup properly (i believe) according to the documentation but I am seeing in the logs:

"Rejecting IP : empty IP address" middlewareName=middlewares-internalonly@file middlewareType=IPWhiteLister

Here is my middlewares.yml config

 #Prevent external access
    middlewares-internalonly:
      IpWhiteList:
        sourceRange:
          - "172.168.90.0/24"     #Traefik Network
          - "172.168.91.0/24"     #Socket Proxy Network
          - "172.28.0.0/24"     #Docker LAN Network
          - "10.0.0.0/8"
          - "192.168.128.0/24"
          - "172.16.0.0/12"
          - "10.20.10.0/24"    #Private LAN Addresses
            #- "100.64.0.0/10"     #Tailscale Network

        ipStrategy:
                #depth: 2
          excludedIPs:
            - "103.21.244.0/22"   #Start Cloudflare Proxies
            - "103.22.200.0/22"
            - "103.31.4.0/22"
            - "104.16.0.0/13"
            - "104.24.0.0/14"
            - "108.162.192.0/18"
            - "131.0.72.0/22"
            - "141.101.64.0/18"
            - "162.158.0.0/15"
            - "172.64.0.0/13"
            - "173.245.48.0/20"
            - "188.114.96.0/20"
            - "190.93.240.0/20"
            - "197.234.240.0/22"
            - "198.41.128.0/17"  #End Cloudflare Proxies

and my middlewares-chains.yml

http:
  middlewares:
    chain-no-auth:
      chain:
        middlewares:
                #- middlewares-traefik-bouncer
          - middlewares-rate-limit
          - middlewares-https-redirectscheme
          - middlewares-secure-headers
          - middlewares-compress

    chain-basic-auth:
      chain:
        middlewares:
                #- middlewares-traefik-bouncer
          - middlewares-rate-limit
          - middlewares-https-redirectscheme
          - middlewares-secure-headers
          - middlewares-basic-auth
          - middlewares-compress

    chain-nextcloud:
      chain:
        middlewares:
          - middlewares-rate-limit
          - nextcloud-middlewares-secure-headers
          - nextcloud-redirect

    chain-oauth:
      chain:
        middlewares:
                #- middlewares-traefik-bouncer
          - middlewares-rate-limit
          - middlewares-https-redirectscheme
          - middlewares-secure-headers
          - middlewares-oauth
          - middlewares-compress

     ## Internal Access Only
    chain-internal:
      chain:
        middlewares:
                #- middlewares-rate-limit
          - middlewares-secure-headers
             #- middlewares-robots-noindex
          - middlewares-internalonly

I am using Traefikv2.8. Can anyone help me understand what I'm missing?

bluepuma77 · November 28, 2022, 3:32pm

Why do you have IPs allowed and forbidden? Shouldn’t you decide for a single strategy?

jur3 · November 28, 2023, 12:16pm

I had the same issue and figured out that I had the wrong depth setting on the middleware.

If the number of Client IPs in X-forwarded-from request header is less than the depth setting on the middleware IpWhitelist you will get and empty Client IP in the middleware.

Traefik documentation was updated ... Traefik HTTP Middlewares IPWhiteList - Traefik

Topic		Replies	Views
ipWhiteList middleware w/ cloudflare not functioning properly Traefik v2 (latest) docker , file , middleware	0	331	November 29, 2023
Whitelist Configuration Traefik v2 (latest) middleware	4	1257	March 28, 2022
Ipwhitelist logging (refuse) Traefik v2 (latest) middleware	2	743	January 6, 2021
Combine IpWhitelist and Errors Middlewares. Is it possible? Traefik v2 (latest) middleware	0	307	February 9, 2022
ipWhiteList with excludedIPs setting will result in empty IP address when there is 1 IP address in X-Forwarded-For Header Traefik v2 (latest) middleware	2	1336	April 10, 2024

IPwhitelist middleware errors

Related Topics