亚马逊ELB后面带有node-js的远程IP地址

发布于 2024-12-01 04:39:27 字数 224 浏览 0 评论 0原文

我在弹性负载均衡器（elb）后面的实例存储亚马逊机器上有一个节点应用程序。然而，远程IP地址似乎总是相同的。我使用此代码在节点中获取客户端的 IP 地址（通过 connect/express）：

req.socket.remoteAddress

我没有从节点文档中获得任何其他信息。有什么提示吗？

原文

I have a node application on an instance-store amazon machine behind the elastic load balancer (elb). However, the remote IP adress seems to always be the same. I used this code to get the client's IP address in node (via connect/express):

req.socket.remoteAddress

I didn't get anything else from the node documentation. Any hint?

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

纵情客 2024-12-08 04:39:27

这是如果您使用快递的解决方案：
根据文档，您可以为您的express实例启用信任代理然后 req.ip 将填充正确的 IP 地址。

通过 app.enable('trust proxy') 启用“信任代理”设置，
Express 将知道它位于代理后面并且
X-Forwarded-* 标头字段可能是可信的，否则可能是
很容易被欺骗。
启用此设置会产生一些微妙的影响。其中第一个
是 X-Forwarded-Proto 可以由反向代理设置来告诉
应用程序认为它是 https 或简单的 http。该值反映为
请求协议。
第二个更改是 req.ip 和 req.ips 值将是
填充了 X-Forwarded-For 的地址列表。

这是一个例子：

var app = express();
app.enable('trust proxy');
// ...

app.use(function(req, res, next) {
  console.log('client ip address:', req.ip);
  return next();
});

Here's a solution in case you are using express:
According to the documentation, you can enable trust proxy for your express instance and then req.ip will be populated with the correct ip address.

By enabling the "trust proxy" setting via app.enable('trust proxy'),
Express will have knowledge that it's sitting behind a proxy and that
the X-Forwarded-* header fields may be trusted, which otherwise may be
easily spoofed.
Enabling this setting has several subtle effects. The first of which
is that X-Forwarded-Proto may be set by the reverse proxy to tell the
app that it is https or simply http. This value is reflected by
req.protocol.
The second change this makes is the req.ip and req.ips values will be
populated with X-Forwarded-For's list of addresses.

Here's an example:

var app = express();
app.enable('trust proxy');
// ...

app.use(function(req, res, next) {
  console.log('client ip address:', req.ip);
  return next();
});

回复收藏 0 原文

假情假意假温柔 2024-12-08 04:39:27

答案对我有用，谢谢。但你可以尝试：

var ip_address = null;
if(req.headers['x-forwarded-for']){
    ip_address = req.headers['x-forwarded-for'];
}
else {
    ip_address = req.connection.remoteAddress;
}
sys.puts( ip_address );

The answer worked for me, thanks. But you may just try:

var ip_address = null;
if(req.headers['x-forwarded-for']){
    ip_address = req.headers['x-forwarded-for'];
}
else {
    ip_address = req.connection.remoteAddress;
}
sys.puts( ip_address );

回复收藏 0 原文

泅人 2024-12-08 04:39:27

您收到 ELB 实例的 IP，并且需要从标头中获取 x-forwarded-for 值。由于我不是 Node.js 专家，因此我在 http://forum.webfaction.com/ 找到了这段代码viewtopic.php?id=4500

示例：

var http = require( 'http' ),
sys = require( 'sys' );

http.createServer(
        function( req, res ) {
                        var ip_address = null;
                        try {
                                ip_address = req.headers['x-forwarded-for'];
                        }
                        catch ( error ) {
                                ip_address = req.connection.remoteAddress;
                        }
                        sys.puts( ip_address );
        }
);

Your receiving the IP of the ELB instance and you'll need to get the x-forwarded-for value from the headers. Since I'm not a node.js guru, I found this code at http://forum.webfaction.com/viewtopic.php?id=4500

Example:

var http = require( 'http' ),
sys = require( 'sys' );

http.createServer(
        function( req, res ) {
                        var ip_address = null;
                        try {
                                ip_address = req.headers['x-forwarded-for'];
                        }
                        catch ( error ) {
                                ip_address = req.connection.remoteAddress;
                        }
                        sys.puts( ip_address );
        }
);

回复收藏 0 原文

半世晨晓 2024-12-08 04:39:27

这里选择的正确答案是危险的，因为 AWS ELB 按预期切换顺序： https ://github.com/koajs/koa/issues/1094#issuecomment-345861282

Express、koa等通常采取最左边的项目，而 ELB 使其成为最右边的项目

（express docs）：

如果为 true，客户端的 IP 地址将被理解为 X-Forwarded-For 标头中最左侧的条目。

回复收藏 0 原文

眼眸印温柔 2024-12-08 04:39:27

如果 express.js 正在使用：

app.set('trust proxy', 2)

而不是

app.enable('trust proxy')

因为 app.enable('trust proxy') 使用 x-forwarded-for 标头中最左边的 ip，并且因此只需手动提供 x-forwarded-for 标头即可轻松欺骗。

而 app.set('trust proxy', 2) 指定了从 x-forwarded-for 标头从右到左计数的跳数。即，如果有一个 AWS 负载均衡器，则计数的正确数字将是 2 以上，因为每个新的跃点 ip 都会添加到 x-forwarded-for 标头的末尾。

如果您使用其他东西，请执行类似的操作。只需获取 req.headers['x-forwarded-for']，用逗号分割，然后从右到左计算跳数，直到不排除负载均衡器 ip。

In case if express.js is in use:

app.set('trust proxy', 2)

Instead of

app.enable('trust proxy')

Because the app.enable('trust proxy') uses the leftmost ip from the x-forwarded-for header and so can be easily spoofed by just providing x-forwarded-for header manually.

While the app.set('trust proxy', 2) has the number of hops specified that being counted from right to left of the x-forwarded-for header. I.e. if there is an AWS load balancer than 2 will be the right number to count because each new hop ip is added to the end of the x-forwarded-for header.

If you're using something else then do the similar way. Just get the req.headers['x-forwarded-for'], split by coma and then count hops from right to left until load balancer ip is not excluded.

回复收藏 0 原文

~没有更多了~