Class: Sentry::Utils::RealIp

Inherits:
Object
  • Object
show all
Defined in:
lib/sentry/utils/real_ip.rb

Constant Summary collapse

LOCAL_ADDRESSES =
[
  "127.0.0.1",      # localhost IPv4
  "::1",            # localhost IPv6
  "fc00::/7",       # private IPv6 range fc00::/7
  "10.0.0.0/8",     # private IPv4 range 10.x.x.x
  "172.16.0.0/12",  # private IPv4 range 172.16.0.0 .. 172.31.255.255
  "192.168.0.0/16", # private IPv4 range 192.168.x.x
]

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(remote_addr: nil, client_ip: nil, real_ip: nil, forwarded_for: nil, trusted_proxies: []) ⇒ RealIp

Returns a new instance of RealIp.



21
22
23
24
25
26
27
28
29
30
31
32
33
# File 'lib/sentry/utils/real_ip.rb', line 21

def initialize(
  remote_addr: nil,
  client_ip: nil,
  real_ip: nil,
  forwarded_for: nil,
  trusted_proxies: []
)
  @remote_addr = remote_addr
  @client_ip = client_ip
  @real_ip = real_ip
  @forwarded_for = forwarded_for
  @trusted_proxies = (LOCAL_ADDRESSES + Array(trusted_proxies)).map { |proxy| IPAddr.new(proxy.to_s) }.uniq
end

Instance Attribute Details

#ipObject (readonly)

Returns the value of attribute ip.



19
20
21
# File 'lib/sentry/utils/real_ip.rb', line 19

def ip
  @ip
end

Instance Method Details

#calculate_ipObject



35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
# File 'lib/sentry/utils/real_ip.rb', line 35

def calculate_ip
  # CGI environment variable set by Rack
  remote_addr = ips_from(@remote_addr).last

  # Could be a CSV list and/or repeated headers that were concatenated.
  client_ips    = ips_from(@client_ip)
  real_ips      = ips_from(@real_ip)

  # The first address in this list is the original client, followed by
  # the IPs of successive proxies. We want to search starting from the end
  # until we find the first proxy that we do not trust.
  forwarded_ips = ips_from(@forwarded_for).reverse

  ips = [client_ips, real_ips, forwarded_ips, remote_addr].flatten.compact

  # If every single IP option is in the trusted list, just return REMOTE_ADDR
  @ip = filter_trusted_proxy_addresses(ips).first || remote_addr
end