Welcome to the Linux Foundation Forum!

Lab 10.1 Block IP address Express

gicontz
gicontz Posts: 5
in LFW212 Class Forum

Seems like the validate.js not working properly.

Ive tried to request using it and debug the remoteAddress of two requests:

validate.js

☑️  GET http://localhost:3000/ responded with 200 response
⛔️ GET http://localhost:3000/ must respond 403 when requested from attacker IP

debug from the service

::ffff:127.0.0.1
GET / 200 12.448 ms - 170
::ffff:127.0.0.1
GET / 200 7.434 ms - 170

Code:

...
if (req.socket.remoteAddress.includes('111.34.55.211')) {
    const err = new Error('Forbidden');
    err.status = 403;
    next(err);
    return;
  }
...

Comments

  • gicontz
    gicontz Posts: 5

    Same with lab 10.2

    04:17:01 ✨ request completed 1ms
04:17:06 ✨ incoming request GET xxx /
127.0.0.1
04:17:06 ✨ request completed 2ms
04:17:06 ✨ incoming request GET xxx /
127.0.0.1

    Code:

    module.exports = fp(async (fastify, opts) => {
    fastify.addHook('onRequest', async (req) => {
        console.log(req.ip);
        if (req.ip === '211.133.33.113') {
            throw fastify.httpErrors.forbidden();
        }
    })
})

    both are working in IP: 127.0.0.1

  • davidmarkclements
    davidmarkclements Posts: 270

    I'm unable to reproduce this.

    Make sure there are no other node processes running, especially not the service, when you run node validate.js - the validate script will start the service.

  • baocongchen
    baocongchen Posts: 15

    I think you can simply check the ip by using req.ip !== 'the ip you want to detect'

Categories

Upcoming Training