0

I am writing a little Python script that checks and displays incoming IP addresses. Getting an IP address directly was achieved by simply using the following:

remote_addr2 = os.environ.get('REMOTE_ADDR')

This displays the correct IP address making the request. The challenge I am facing is to detect the original IP if the request is made using a proxy. From here, I gather I must use HTTP_X_FORWARDED_FOR and so I tried to assign that to a variable and display it, like so:

remote_addr1 = os.environ.get('HTTP_X_FORWARDED_FOR')

The output for this is always None. I see a similar question answered for where the OP was using PHP. I think what I am trying to achieve in the second line is similar, but every proxy that I've tested (Anonymouse, HideMyAss, FilterByPass), gives me 'None' as an output.

This is the full program (rudimentary and I haven't implemented validation yet):

#!/usr/bin/python

import os
import cgi

print "Content-type:text/html\r\n\r\n"
print '<html>'
print '<head>'
print '<title>WHOIS - TESTs</title>'
print '</head>'

remote_addr1 = os.environ.get('HTTP_X_FORWARDED_FOR')
remote_addr2 = os.environ.get('REMOTE_ADDR')

print '<body>'
print remote_addr1
print remote_addr2
#print cgi.escape(os.environ["REMOTE_ADDR"])
print '</body>'
print '</html>'

Sample output:

output

Where am I making a mistake? Thanks in advance.

Community
  • 1
  • 1
rahuL
  • 3,330
  • 11
  • 54
  • 79
  • 1
    I think you will find the proxy server has to forward the originators IP for this to be populated which they don't always do. I suspect the proxies you are looking at don't – Fred Oct 30 '14 at 13:43

2 Answers2

0

The proxies that you cite are intended to hide the client's details. For that very purpose, they do not pass the IP onto your server in X-Forwarded-For or in any other header field.

Try sending your requests through a non-anonomising proxy and see whether the X-Forwarded-For header is present. Not all proxies support this, some just set the Via or Forwarded header, which you should also be looking for.

mhawke
  • 84,695
  • 9
  • 117
  • 138
  • could you elaborate a little more on the `Via` or `Forwarded` headers and how I could use them? – rahuL Oct 30 '14 at 14:39
  • You can read about Via at http://en.wikipedia.org/wiki/List_of_HTTP_header_fields. Forwarded is discussed at http://tools.ietf.org/html/rfc7239. – mhawke Oct 30 '14 at 15:45
-1

This information is not presented to you in anyway. When an http request is sent from the user to the server, the server know the incoming IP that the ISP has assigned to him. But, when a user channels his connection through another proxy server or a vpn out-going requests are transmitted by the server(or vpn) for him. The only IP you can see when a user is using a proxy or a vpn is the IP of the network/server and not the original IP address.

umlal
  • 9
  • 2
  • Why am I getting downvoted,you can't reveal a user's IP using an anonymous proxy, the server won't give his IP unless it is just a transparent node. – umlal Oct 30 '14 at 14:00