Don't get the correct IP in Bouncer

crowdsec
1

Hi,

I’m running traefik and crowdsec behind a Metallb in a kubernetes cluster.
But I don’t get the real IPs of the clients which access a site behind traefik. In the log of the lapi I only see the internal k8s IP Adresses.

whoami behind traefik shows the following output:

Hostname: whoami-64f6cf779d-4tk67
IP: 127.0.0.1
IP: ::1
IP: 10.244.1.240
IP: fe80::9c95:40ff:fee9:c547
RemoteAddr: 10.244.3.4:39992
[...]
X-Forwarded-For: 172.16.50.10
X-Forwarded-Host: whoami.XXXX
X-Forwarded-Port: 443
X-Forwarded-Proto: https
X-Forwarded-Server: traefik-qsw9k
X-Real-Ip: 172.16.50.10

I already tried much things, but still don’t get it to work.

In the middleware I configured

apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
  name: crowdsec-bouncer
  namespace: traefik
spec:
  plugin:
    crowdsec-bouncer:
      enabled: true
      crowdsecLapiKey: "XXXX"
      crowdsecLapiScheme: http
      crowdsecLapiHost: crowdsec-service.traefik.svc.cluster.local:8080
      forwardedHeadersTrustedIPs:
        - 10.0.0.0/8
      forwardedHeadersCustomName: X-Forwarded-For

Am I missing something?
Could someone provide me any tips or give me an example configuration?

Thanks alot!

2

Hello, I’m running into the same issue. The plugin doesn’t seem to use the forwardedHeadersCustomName header to determine the client IP, and it always falls back to an internal address.

My setup is essentially identical to yours. Have you managed to get this working since you posted?

I’ll update this comment if I find a solution on my side.

EDIT : My solution will not help, but it was a configuration issue on my side. I had the wrong header…