[Bug] Default Pangolin setup with Badger not properly forwarding real IP's via Cloudflare/IP based rules not working with Cloudflare #1556

New Issue

Closed

opened 2026-04-05 19:34:18 +02:00 by MrUnknownDE · 0 comments

MrUnknownDE commented 2026-04-05 19:34:18 +02:00

Owner

Copy Link

Originally created by @slimshizn on 4/30/2025

Have added the following to traefik_config.yml

entryPoints:
  web:
    address: :80
    forwardedHeaders:
      trustedIPs: &trustedIps
        - 172.18.0.0/16
        # CF
        - 173.245.48.0/20
        - 103.21.244.0/22
        - 103.22.200.0/22
        - 103.31.4.0/22
        - 141.101.64.0/18
        - 108.162.192.0/18
        - 190.93.240.0/20
        - 188.114.96.0/20
        - 197.234.240.0/22
        - 198.41.128.0/17
        - 162.158.0.0/15
        - 104.16.0.0/12
        - 172.64.0.0/13
        - 131.0.72.0/22
        - 2400:cb00::/32
        - 2606:4700::/32
        - 2803:f800::/32
        - 2405:b500::/32
        - 2405:8100::/32
        - 2a06:98c0::/29
        - 2c0f:f248::/32
        # CF
  websecure:
    address: :443
    forwardedHeaders:
      # Reuse list of Cloudflare Trusted IP's above for HTTPS requests
      trustedIPs: *trustedIps

Can see my IP hit via the traefik acces.log but IP based rules are still not working. Only will work via disabling orange cloud in cloudflare.

Example log

{"ClientAddr":"172.70.43.54:52720","ClientHost":"<MYIP>","DownstreamContentSize":0,"DownstreamStatus":304,"Duration":675516329,"RequestMethod":"GET","RequestPath":"/cover/168655/sm?c=1741857025","RequestProtocol":"HTTP/2.0","RetryAttempts":0,"ServiceName":"2-service@http","StartUTC":"2025-04-29T23:15:35.392421271Z","TLSCipher":"TLS_AES_128_GCM_SHA256","TLSVersion":"1.3","downstream_Content-Type":"","level":"info","msg":"","origin_Content-Type":"","request_Cookie":"REDACTED","request_User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0","request_X-Forwarded-For":"<MYIP>","request_X-Forwarded-Proto":"https","request_X-Real-Ip":"172.70.43.54","time":"2025-04-29T23:15:36Z"}

*Originally created by @slimshizn on 4/30/2025* Have added the following to `traefik_config.yml` ``` entryPoints: web: address: :80 forwardedHeaders: trustedIPs: &trustedIps - 172.18.0.0/16 # CF - 173.245.48.0/20 - 103.21.244.0/22 - 103.22.200.0/22 - 103.31.4.0/22 - 141.101.64.0/18 - 108.162.192.0/18 - 190.93.240.0/20 - 188.114.96.0/20 - 197.234.240.0/22 - 198.41.128.0/17 - 162.158.0.0/15 - 104.16.0.0/12 - 172.64.0.0/13 - 131.0.72.0/22 - 2400:cb00::/32 - 2606:4700::/32 - 2803:f800::/32 - 2405:b500::/32 - 2405:8100::/32 - 2a06:98c0::/29 - 2c0f:f248::/32 # CF websecure: address: :443 forwardedHeaders: # Reuse list of Cloudflare Trusted IP's above for HTTPS requests trustedIPs: *trustedIps ``` Can see my IP hit via the traefik acces.log but IP based rules are still not working. Only will work via disabling orange cloud in cloudflare. Example log ``` {"ClientAddr":"172.70.43.54:52720","ClientHost":"<MYIP>","DownstreamContentSize":0,"DownstreamStatus":304,"Duration":675516329,"RequestMethod":"GET","RequestPath":"/cover/168655/sm?c=1741857025","RequestProtocol":"HTTP/2.0","RetryAttempts":0,"ServiceName":"2-service@http","StartUTC":"2025-04-29T23:15:35.392421271Z","TLSCipher":"TLS_AES_128_GCM_SHA256","TLSVersion":"1.3","downstream_Content-Type":"","level":"info","msg":"","origin_Content-Type":"","request_Cookie":"REDACTED","request_User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0","request_X-Forwarded-For":"<MYIP>","request_X-Forwarded-Proto":"https","request_X-Real-Ip":"172.70.43.54","time":"2025-04-29T23:15:36Z"} ```

MrUnknownDE closed this issue 2026-04-05 19:34:18 +02:00

MrUnknownDE added the enhancementbugreverse proxyenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementenhancementbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugbugreverse proxyreverse proxyreverse proxyreverse proxy labels 2026-04-05 19:34:26 +02:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

dev

dependabot/npm_and_yarn/dev-minor-updates-b4e5d6b9c5

revert-2766-feature/systemd-install-instructions

dependabot/npm_and_yarn/prod-patch-updates-05702d39f2

dependabot/npm_and_yarn/next-16.2.1

dependabot/npm_and_yarn/recharts-3.8.1

alerting-rules

private-site-ha

dependabot/docker/docker/library/node-25-slim

ssh

delete-account

msg-delivery

org-only-idp

cicd

patch

site-targets-auto-login

1.17.0-s.4

1.17.0

1.17.0-s.3

1.17.0-s.2

1.17.0-s.1

1.17.0-s.0

1.17.0-rc.0

1.16.2-s.22

1.16.2-s.21

1.16.2-s.20

1.16.2-s.19

1.16.2-s.18

1.16.2-s.17

1.16.2-s.16

1.16.2-s.15

1.16.2-s.14

1.16.2-s.13

1.16.2-s.12

1.16.2-s.11

1.16.2-s.10

1.16.2-s.9

1.16.2-s.8

1.16.2-s.7

1.16.2-s.6

1.16.2-s.5

1.16.2-s.4

1.16.2-s.3

1.16.2-s.2

1.16.2-s.1

1.16.2

1.16.2-s.0

1.16.1-s.1

1.16.1

1.16.1-s.0

1.16.0

1.16.0-s.1

1.16.0-s.0

1.16.0-rc.0

1.15.4-s.10

1.15.4-s.9

1.15.4-s.8

1.15.4-s.7

1.15.4-s.6

1.15.4-s.5

1.15.4-s.4

1.15.4-s.3

1.15.4-s.2

1.15.4

1.15.4-s.1

1.15.4-s.0

1.15.3

1.15.3-s.1

1.15.3-s.0

1.15.1-s.1

1.15.2

1.15.1-s.0

1.15.1

1.15.0-s.5

1.15.0

1.15.0-s.4

1.15.0-s.3

1.15.0-s.2

1.15.0-s.1

1.15.0-s.0

1.15.0-rc.0

1.14.1-s.3

1.14.1-s.2

1.14.1-s.1

1.14.1-s.0

1.14.1

1.14.0-s.2

1.14.0

1.14.0-rc.0

1.13.1

1.13.1-s.0

1.13.0

1.13.0.s.0

1.13.0-rc.0

1.12.2-s.5

1.12.3

1.12.2-s.4

1.12.2-s.3

1.12.2-s.2

1.12.2-s.1

1.12.2

1.12.2-s.0

1.12.1

1.12.0

1.12.0-s.0

1.12.0-rc.0

1.11.1

1.11.1-s.0

1.11.0-s.5

1.11.0

1.11.0-s.4

1.11.0-s.3

1.11.0-s.2

1.11.0-s.1

1.11.0-s.0

1.10.3

1.10.2

1.10.1

1.10.0

1.9.4

1.9.3

1.9.2

1.9.1

1.9.0

1.8.0

1.7.3

1.7.2

1.7.1

1.7.0

1.6.2

1.6.1

1.6.0

1.5.1

1.5.0

1.4.0

1.3.2

1.3.1

1.3.0

1.2.0

1.1.0

1.0.1

1.0.0

1.0.0-beta.15

1.0.0-beta.14

1.0.0-beta.13

1.0.0-beta.12

1.0.0-beta.11

1.0.0-beta.10

1.0.0-beta.9

1.0.0-beta.8

1.0.0-beta.7

1.0.0-beta.6

1.0.0-beta.5

1.0.0-beta.4

1.0.0-beta.3

1.0.0-beta.2

1.0.0-beta.1

Labels

Clear labels

Improvement

Improvement

Improvement

Improvement

Look Into

Security

Security

api

api

authentication

authentication

authentication

authentication

authentication

authentication

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

bug

config

config

config

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

dependencies

docker

docker

docker

docker

docker

documentation

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

enhancement

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

github_actions

go

go

go

go

go

go

go

go

go

go

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

good first issue

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

help wanted

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

javascript

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

needs investigating

networking

new feature

new feature

new feature

new feature

new feature

new feature

new feature

new feature

new feature

new feature

new feature

new feature

new feature

new feature

new feature

non-critical bug

non-critical bug

non-critical bug

non-critical bug

non-critical bug

non-critical bug

non-critical bug

non-critical bug

non-critical bug

non-critical bug

non-critical bug

non-critical bug

non-critical bug

non-critical bug

potential bug

potential bug

potential bug

potential bug

potential bug

potential bug

potential bug

potential bug

potential bug

potential bug

potential bug

potential bug

question

reverse proxy

reverse proxy

reverse proxy

reverse proxy

reverse proxy

reverse proxy

reverse proxy

reverse proxy

reverse proxy

reverse proxy

reverse proxy

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

stale

ui

ui

ui

ui

ui

ui

wontfix

No Label bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug bug enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement enhancement reverse proxy reverse proxy reverse proxy reverse proxy reverse proxy

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

MrUnknownDE

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github/pangolin#1556