handling X-Forwarded-For when using reverse proxy

I don’t know if my reverse proxy configuration is messed up or if this is a z-push issue. As far as I know, X-Forwarded-For can hold a list of multiple IP addresses.
Once I have the following option defined in z-push.conf:

    define('USE_CUSTOM_REMOTE_IP_HEADER', 'X-Forwarded-For');

I can see messages in z-push.log like:

01/06/2018 11:08:59 [28617] [ INFO] [darian] cmd='Ping' memory='3.41 MiB/3.75 MiB' time='60.09s' devType='Android' devId='nine621b3e876d5d' getUser='darian' from='badip-80.181.17.109192.168.10.32' idle='60s' version='2.4.2+0' method='POST' httpcode='200'

The actual client ip was 80.181.17.109. My reverse proxy passed a list of IPs, the client_ip and the proxy_ip: “80.181.17.109, 192.168.10.32”. Obviously such string cannot be identified as a valid IP address and hence I get the badip messages.

Hi Darian,

thanks for reporting this. I’ve created a JIRA issue: https://jira.z-hub.io/browse/ZP-1434.

Manfred