Jellyfin Forum
Real IP - Printable Version

+- Jellyfin Forum (https://forum.jellyfin.org)
+-- Forum: Support (https://forum.jellyfin.org/f-support)
+--- Forum: Troubleshooting (https://forum.jellyfin.org/f-troubleshooting)
+--- Thread: Real IP (/t-real-ip)

Real IP - MoldyTaint - 2024-05-19

Hello!

First off, thank ya'll for the hard work that has been put into a great product as Jellyfin.

I have a Jellyfin instance setup on my Proxmox server. Right now I have everything working without hiccups. I have my domain name working, Caddy set up and working, and users can do as they would like.

One nuance that I seem to be encountering is on Jellyfin dashboard for users, it will show the CDN for Cloudflare rather than the forwarded IP that gets sent also. I have checked in Caddy logs and do see their real ip however Jellyfin is still using that 172.xxx.xxx.xxx. Is there a setting or something that I have missed that could be causing this on Jellyfin side?

RE: Real IP - crobibero - 2024-05-19

You need to enter the list of IPs that are producing Jellyfin in the Networking settings.

RE: Real IP - MoldyTaint - 2024-05-20

Hey, thank you for such a speedy and amazing answer. Hopefully I am not coming off as a bother however if they are coming off as a cloudflare proxy ip, would I have to put in all of theirs as a single or would I be able to do something like 172.xxx.xxx.0/24?

RE: Real IP - TheDreadPirate - 2024-05-20

You would have to set the Cloudflare IP as a known proxy. Then Jellyfin will use the x-forwarded-for field, which has the real IP, for activity.

I'm not sure if that field will accept CIDRs. The description only mentions specific IPs.

RE: Real IP - MoldyTaint - 2024-05-20

Thank you for a reply back also. I greatly appreciated the help. I did a little testing from what I could gather and read/understand this is what I have gathered thus far:

I enabled and setup everything and have verified that the ip address is able to be forwarded in the logs from the reverse proxy (Caddy)

Code:
{"level":"info","ts":1716001808.679013,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"172.71.254.232","remote_port":"36006","client_ip":"185.695.185.518","proto":"HTTP/2.0","method":"GET","host":>
{"level":"info","ts":1716001808.6796963,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"172.71.254.233","remote_port":"32890","client_ip":"185.695.185.518","proto":"HTTP/2.0","method":"GET","host">
{"level":"info","ts":1716001808.6811714,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"172.71.254.233","remote_port":"32846","client_ip":"185.695.185.518","proto":"HTTP/2.0","method":"GET","host">
{"level":"info","ts":1716001808.6824157,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"172.71.254.214","remote_port":"29514","client_ip":"185.695.185.518","proto":"HTTP/2.0","method":"GET","host">
{"level":"info","ts":1716001808.7196763,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"172.71.254.233","remote_port":"32872","client_ip":"185.695.185.518","proto":"HTTP/2.0","method":"GET","host">
{"level":"info","ts":1716001808.8876588,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"172.71.254.232","remote_port":"35984","client_ip":"185.695.185.518","proto":"HTTP/2.0","method":"GET","host">
{"level":"info","ts":1716001814.127556,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"172.71.254.233","remote_port":"32862","client_ip":"185.695.185.518","proto":"HTTP/2.0","method":"GET","host":>
{"level":"info","ts":1716001814.207943,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"172.71.254.232","remote_port":"35994","client_ip":"185.695.185.518","proto":"HTTP/2.0","method":"GET","host":>
{"level":"info","ts":1716001814.3329265,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"172.71.254.232","remote_port":"36006","client_ip":"185.695.185.518","proto":"HTTP/2.0","method":"GET","host">

So I think the issue might be on my end as it's coming through as "client_ip" rather than the forwarded field you have mentioned earlier. So I then went into Jellyfin and input all the cloudflare cidr ip's that are being used which still resulted in negative results. I fear I may just be sol