[BUG] Parameters forwardedheaderstrustedips and forwardedheaderscustomname have weird behaviour

[david-garcia-garcia]

Describe the bug 🐛

While working on #273 I found out that

      - "traefik.http.middlewares.bouncer-test.plugin.bouncer.forwardedheaderstrustedips=172.20.0.1/32"
      - "traefik.http.middlewares.bouncer-test.plugin.bouncer.forwardedheaderscustomname=X-Forwarded-For"

Does not behave as:

      - "traefik.http.middlewares.bouncer-test.plugin.bouncer.forwardedheaderstrustedips=0.0.0.0/8"
      - "traefik.http.middlewares.bouncer-test.plugin.bouncer.forwardedheaderscustomname=X-Forwarded-For"

My expectation is that they would. I am either not getting something, or the implementation we rely on (ip.GetRemoteIP) is weird.

When using 0.0.0.0/8 the forwardedheaderscustomname is actually ignored, and the remoteAddr is used always.

As I read it:

• forwardedheaderstrustedips means "you can trust the contents of forwardedheaderscustomname when the remoteAddr - that is the real IP connecting to us - is in forwardedheaderstrustedips"

Expected behavior 👀

Not sure.

[david-garcia-garcia]

Probably related to #265

[mathieuHa]

Probably related to #265

This MR was not merge but we indeed discussed this arguments in issue #264

[mathieuHa]

@david-garcia-garcia
Can I assume that your docker network gateway is 172.20.0.1 ?

Your Traefik container is something like 172.20.0.7 and you are trying to access it from the same computer that your container is running.

On my side, using the gateway or all IP for forwardedheaderstrustedips gives me the same result on the assumption made before

Can you elaborate the condition of your testing environment and the

Does not behave as:
so I can try to reproduce it