Skip to content

Always permit IPv4-mapped IPv6 loopback addresses#342

Merged
gsamokovarov merged 1 commit intorails:mainfrom
zunda:bind-on-ipv6
Dec 19, 2024
Merged

Always permit IPv4-mapped IPv6 loopback addresses#342
gsamokovarov merged 1 commit intorails:mainfrom
zunda:bind-on-ipv6

Conversation

@zunda
Copy link
Copy Markdown

@zunda zunda commented Dec 3, 2024

When the server, e.g., Puma binds to unspecified IPv6 address [::] with ,e.g.,:

port ENV.fetch("PORT", 3000), "::"

the server sees the local client connecting from an IPv4-mapped address ::ffff:127.0.0.1. This makes connection to the web console rejected with:

Cannot render console from ::ffff:127.0.0.1! Allowed networks: 127.0.0.0/127.255.255.255, ::1

unless loopback addresses expressed as IPv4-mapped addressses are premitted.

@zunda
Always permit IPv4-mapped IPv6 loopback addresses
c66460a 
When the server, e.g., Puma binds to unspecified IPv6 address `[::]`
with ,e.g.,:
```ruby, config/puma.rb
port ENV.fetch("PORT", 3000), "::"
```
the server sees the local client connecting from an IPv4-mapped address
`::ffff:127.0.0.1`. This makes connection to the web console rejected
with:
```
Cannot render console from ::ffff:127.0.0.1! Allowed networks: 127.0.0.0/127.255.255.255, ::1
```
unless loopback addresses expressed as IPv4-mapped addressses are
premitted.
@gsamokovarov gsamokovarov merged commit 859bc60 into rails:main Dec 19, 2024
@gsamokovarov
Copy link
Copy Markdown
Collaborator

gsamokovarov commented Dec 19, 2024

This is useful, yes. Thank you for your contribution.

@fossabot fossabot bot mentioned this pull request Feb 25, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@zunda @gsamokovarov