I'm on a campus network that reverse proxies all HTTP traffic. The service shows...

mike-cardwell · on Feb 14, 2014

Yeah. Should exclude any of these: 127.0.0.0/8, 10.0.0.0/8, 192.168.0.0/16 and the lesser known 172.16.0.0/12

Also, I wonder if it handles X-Forwarded-For headers that contain multiple IP addresses, because there are multiple levels of proxying taking place.

Also. No IPv6? How boring.

xxpor · on Feb 14, 2014

Full list of "special" addresses: http://tools.ietf.org/search/rfc3330

xxpor · on Feb 14, 2014

Or I guess this is the most recent version: http://tools.ietf.org/search/rfc6890

coderholic · on Feb 14, 2014

Thanks for reporting! You should see that we correctly detect this as a bogon, but we should definitely be pulling the correct IP from the headers. I'll look into this.

    $ curl ipinfo.io/10.0.0.1
    {
      "ip": "10.0.0.1",
      "hostname": "No Hostname",
      "loc": "",
      "bogon": true
    }

jbverschoor · on Feb 14, 2014

That's a normal / forward proxy (transparent most likely)

whitehat2k9 · on Feb 14, 2014

You're absolutely right. I've being setting up too many nginx instances lately and the term stuck in my head...