IP Restriction Plugin Whitelist/Blacklist Settings Bug


Currently have configured a service to IP restriction plugin, and the settings are as followed

For illustration purpose , let say is my outgoing public IP address



As such, any request that originate from will be able to pass through Kong successfully and then proxy to the upstream service.

Interestingly, this is not the case, in fact, it blacklisted my source ip Is it some kind of UI bug ? I changed to config.blacklist, and the api works :).

We are using Kong-EE Docker 0.36 deployed in AWS with RDS.


Welcome to Kong Nation.
There are different things to consider to figure out what could be wrong in your configuration. (among them load balancer ? docker etc…)
Looking at your test, it seems that kong does not recognise the call as issued from
The IP restriction plugin is using ngx.var.binary_remote_addr and compares it with its configuration.
There are lot of information in this post : https://discuss.konghq.com/t/how-to-forward-clients-request-ip/384


Maybe i didn’t articulate myself clearly.

So the scenario i observed

config.blacklist : Blank
config.whitelist :

Expected Result : API should passed as the source ip is whitelisted.
Actual Result : API failed

config.blacklist :
config.whitelist : Blank

Expected Result : API should failed , as the soruce ip is set as blacklist.
Actual Result : API Passed

Two possibilities:
1/ bug in the plugin (possible but I’m not aware of it)
2/ the IP received and used by Kong is not and then it explains your scenario

That is why I replied regarding the generic subject of client IP.