WAN IP no longer displaying upon boot - Raspberry Pi #4797
Comments
|
Many thanks for your report. curl -I https://dietpi.com/ |
|
Output:
***@***.***:/$ curl -I https://dietpi.com/
HTTP/2 200
date: Sun, 03 Oct 2021 17:11:53 GMT
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-robots-tag: all
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer-when-downgrade
expect-ct: enforce, max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'; form-action 'self'; base-uri https://dietpi.com/matomo/index.php https://dietpi.com/grafana/; default-src 'none'; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://unpkg.com https://google.com/recaptcha/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; frame-src 'self' https://www.youtube-nocookie.com https://google.com/recaptcha/ https://www.google.com/recaptcha/; manifest-src 'self'; connect-src 'self' https://api.github.com
permissions-policy: accelerometer=(), autoplay=(), camera=(), document-domain=(), encrypted-media=(), fullscreen=(self "https://www.youtube-nocookie.com"), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), usb=(), screen-wake-lock=()
cache-control: public, max-age=86399
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 30 Sep 2021 18:46:25 GMT
vary: Accept-Encoding
content-language: en
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MARHXymlPvOdjt8s60Q7PALJUYx%2BjhDp0yhFR65Bb%2F2WC695wdoNyn2NfYK0dSTbir57vaTulRpHEtZ58T2MvWm4vbLykQ1rPL8ugu14iDFlFQna52pbTj3ttWD%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6987cacfca01f35d-ATL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
***@***.***:/$ ***@***.***:/$
It used to display WAN IP but stopped a while back.
Thanks for quick replay.
David
… On October 3, 2021 at 1:06 PM MichaIng ***@***.***> wrote:
Many thanks for your report. curl throws an error. Can you try:
curl -I https://dietpi.com/
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub #4797 (comment) , or unsubscribe https://github.com/notifications/unsubscribe-auth/AV4WFGNNASLV7EPZJ4PY4FDUFCERNANCNFSM5FHZJUGA .
Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub .
|
|
Okay that works. How about: curl -sSfL https://freegeoip.app/csv/ |
|
Had to leave for a bit, back now.
Output:
***@***.***:/$ curl -sSfL https://freegeoip.app/csv/
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number
***@***.***:/$ ***@***.***:/$
I tried going to it in a web browser got error:
David
… On October 3, 2021 at 1:45 PM MichaIng ***@***.***> wrote:
Okay that works. How about:
curl -sSfL https://freegeoip.app/csv/
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub #4797 (comment) , or unsubscribe https://github.com/notifications/unsubscribe-auth/AV4WFGJXE77KT44SJ2LCYA3UFCJCTANCNFSM5FHZJUGA .
Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub .
|
|
continuation of last email:
This site can’t provide a secure connection
freegeoip.appsent an invalid response.
* Try running Windows Network Diagnostics.
ERR_SSL_PROTOCOL_ERROR
David
… On October 3, 2021 at 1:45 PM MichaIng ***@***.***> wrote:
Okay that works. How about:
curl -sSfL https://freegeoip.app/csv/
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub #4797 (comment) , or unsubscribe https://github.com/notifications/unsubscribe-auth/AV4WFGJXE77KT44SJ2LCYA3UFCJCTANCNFSM5FHZJUGA .
Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub .
|
|
Do you use Pi-hole or another way of DNS filtering? |
|
I use PiHole + Unbound as my DNS resolver/filter and my router as my DHCP server.
When I first set it all up, it worked fine for a long time. Would pull WAN IP no problem.
David
… On October 3, 2021 at 2:35 PM MichaIng ***@***.***> wrote:
Do you use Pi-hole or another way of DNS filtering?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub #4797 (comment) , or unsubscribe https://github.com/notifications/unsubscribe-auth/AV4WFGKEER26ON77HK23OQTUFCO6LANCNFSM5FHZJUGA .
Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub .
|
|
Can you try to add |
|
It is and has been whitelisted for quite a while. I figured out early on that it was needed for DietPi. I just now disabled and re-enabled it but that did not solve the issue.
I have even gone as far as to tell my router to use it's own DNS resolution thereby by-passing PiHole. Also, I have disabled PiHole temporarily and all ad blocking on my system to no avail.
David
… On October 3, 2021 at 2:51 PM MichaIng ***@***.***> wrote:
Can you try to add freegeoip.app to the whitelist? Probably a blocklist update now contains it. Sadly such public APIs are often found on blocklists as also tracking scripts by times make use of them. It is however executed client side, so your browser sees its own remote IP and not the ads provider (which has your IP anyway), so the reason for blocking those APIs is questionable.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub #4797 (comment) , or unsubscribe https://github.com/notifications/unsubscribe-auth/AV4WFGMCEKFZL4SL4HZMU6LUFCQ23ANCNFSM5FHZJUGA .
Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub .
|
|
Okay than this is not the issue. Can you show the verbose output: curl -v https://freegeoip.app/csv/ |
|
Output:
***@***.***:~$ curl -v https://freegeoip.app/csv/
* Trying 172.67.188.154:443...
* Connected to freegeoip.app (172.67.188.154) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* error:1408F10B:SSL routines:ssl3_get_record:wrong version number
* Closing connection 0
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number
***@***.***:~$ ***@***.***:~$
David
… On October 3, 2021 at 3:11 PM MichaIng ***@***.***> wrote:
Okay than this is not the issue. Can you show the verbose output:
curl -v https://freegeoip.app/csv/
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub #4797 (comment) , or unsubscribe https://github.com/notifications/unsubscribe-auth/AV4WFGLFXGHC5KKQY2GUHYDUFCTETANCNFSM5FHZJUGA .
Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub .
|
|
Strange, here it works well: The server sits behind Cloudflare and your apt update
apt upgrade |
|
***@***.***:~$ sudo apt update
Hit:1 https://archive.raspberrypi.org/debian bullseye InRelease
Get:2 http://raspbian.raspberrypi.org/raspbian bullseye InRelease [15.0 kB]
Fetched 15.0 kB in 2s (8663 B/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
All packages are up to date.
***@***.***:~$ sudo apt upgrade
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
***@***.***:~$ ***@***.***:~$
I guess the answer is no :)
David
… On October 3, 2021 at 3:20 PM MichaIng ***@***.***> wrote:
Strange, here it works well:
# curl -v https://freegeoip.app/csv/
* Trying 104.21.19.200:443...
* Connected to freegeoip.app (104.21.19.200) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: C=US; ST=California; L=San Francisco; O=Cloudflare, Inc.; CN=sni.cloudflaressl.com
* start date: Aug 11 00:00:00 2021 GMT
* expire date: Aug 10 23:59:59 2022 GMT
* subjectAltName: host "freegeoip.app" matched cert's "freegeoip.app"
* issuer: C=US; O=Cloudflare, Inc.; CN=Cloudflare Inc ECC CA-3
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x5574d10e5f80)
> GET /csv/ HTTP/2
> Host: freegeoip.app
> user-agent: curl/7.74.0
> accept: */*
The server sits behind Cloudflare and your 172.67.188.154 is a Cloudflare IP as well, so that looks all correct. Are there package (libSSL/OpenSSL) available?
apt update
apt upgrade
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub #4797 (comment) , or unsubscribe https://github.com/notifications/unsubscribe-auth/AV4WFGMXYKQCK4S3EMOVCCDUFCUJFANCNFSM5FHZJUGA .
Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub .
|
|
Probably that Cloudflare node is faulty. Does it work if you try to connect via IPv6 (if enabled on your system and network): curl -v6 https://freegeoip.app/csv/ |
|
No, Output:
***@***.***:~$ curl -v6 https://freegeoip.app/csv/
* Trying 2606:4700:3036::6815:13c8:443...
* Immediate connect fail for 2606:4700:3036::6815:13c8: Network is unreachable
* Trying 2606:4700:3033::ac43:bc9a:443...
* Immediate connect fail for 2606:4700:3033::ac43:bc9a: Network is unreachable
* Closing connection 0
curl: (7) Couldn't connect to server
***@***.***:~$ ***@***.***:~$
I was just reading where fregeoip.app is deprecated and now uses this: https://freegeoip.live
Also, as stated on that page there is a maximum quota:
You're allowed up to50,000 queries per hour for one IP address. Once this limit is reached, all of your requests will result in HTTP 403, forbidden, until your quota is cleared.
I really don't know much about any of this, so please forgive me if I am wasting your time with this information. Just trying to help.
David
… On October 3, 2021 at 3:43 PM MichaIng ***@***.***> wrote:
Probably that Cloudflare node is faulty. Does it work if you try to connect via IPv6 (if enabled on your system and network):
curl -v6 https://freegeoip.app/csv/
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub #4797 (comment) , or unsubscribe https://github.com/notifications/unsubscribe-auth/AV4WFGNPJIXZLHQTHTBKNWDUFCW5NANCNFSM5FHZJUGA .
Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub .
|
|
There seems to be no IPv6 route (probably the router does not provide it): ip -6 rThis command needs to show a route starting with
I wonder if this applies to the Cloudflare server IPs or respects the CF headers to apply to the actual client. However, the curl error does not indicate that it's this issue. And of course I doubt that any actual client is doing 50,000 requests in one hour 😄. Not sure how to solve this issue at the moment, I guess it is a temporary one. If you don't rely on it, let's wait for one day and see if it is still present. I may report this to Cloudflare if it persists. |
|
Output:
***@***.***:~$ ip -6 r
::1 dev lo proto kernel metric 256 pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium
***@***.***:~$ ***@***.***:~$
I looked at the PiHole query log and confirmed it is indeed replying with an IP address. I am also able to get a WAN IP from sites such as whatsmyip.org and freegeoip.live. So it appears to me, it is the curl command format that is in question.
Thanks for trying and your time. Maybe it will get sorted out in the future.
David
… On October 3, 2021 at 4:02 PM MichaIng ***@***.***> wrote:
There seems to be no IPv6 route (probably the router does not provide it):
ip -6 r
This command needs to show a route starting with default via followed by the IPv6 LLA address of the router.
> >
> You're allowed up to 50,000 queries per hour for one IP address.
>
> >
I wonder if this applies to the Cloudflare server IPs or respects the CF headers to apply to the actual client. However, the curl error does not indicate that it's this issue. And of course I doubt that any actual client is doing 50,000 requests in one hour 😄.
Not sure how to solve this issue at the moment, I guess it is a temporary one. If you don't rely on it, let's wait for one day and see if it is still present. I may report this to Cloudflare if it persists.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub #4797 (comment) , or unsubscribe https://github.com/notifications/unsubscribe-auth/AV4WFGMEYCPTEHKLNVEKYATUFCZGDANCNFSM5FHZJUGA .
Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub .
|
|
So you don't have an IPv6 default route/gateway as expected.
Yes we see that in the outputs above already, also you get an IPv6 address which is independent of IPv6 being functional: You can ask a DNS server for an AAAA record (IPv6) via IPv4 and independent of the fact whether IPv6 is functional at all or not.
Try to solve this by adding them to the whitelist, respectively check whether Pi-hole is blocking those. Also, which upstream DNS are you using? Some have an internal DNS blocking.
It is a completely regular curl command, nothing special, also as you could see above even a simply |
|
I added them to the whitelist and confirmed they are not being blocked by pihole, however, did not solve the issue.
My question is why don't I have IPv6 response? I don't recall ever disabling that anywhere.
Let's call it a day as I need to attend to something else.
Thanks again,
David
… On October 3, 2021 at 4:20 PM MichaIng ***@***.***> wrote:
So you don't have an IPv6 route as expected.
> >
> I looked at the PiHole query log and confirmed it is indeed replying with an IP address.
>
> >
Yes we see that in the outputs above already, also you get an IPv6 address which is independent of IPv6 being functional: You can ask a DNS server for an AAAA record (IPv6) via IPv4 and independent of the fact whether IPv6 is functional at all or not.
> >
> I am also able to get a WAN IP from sites such as whatsmyip.org and freegeoip.live.
>
> >
Try to solve this by adding them to the whitelist, respectively check whether Pi-hole is blocking those. Also which upstream DNS are you using? Some have an internal DNS blocking.
> >
> So it appears to me, it is the curl command format that is in question.
>
> >
It is a completely regular curl command, nothing special, also as you could see above even a simply curl https://freegeoip.app/csv/ fails the same way, so the flags have nothing to do with the issue,
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub #4797 (comment) , or unsubscribe https://github.com/notifications/unsubscribe-auth/AV4WFGLU6FJU4E26EFROLK3UFC3IHANCNFSM5FHZJUGA .
Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub .
|
|
Which upstream DNS do you use in Pi-hole? Ah, sorry you said already that you use Unbound. You use Unbound as recursive DNS server or did you enabled DoT or similar?
It seems it is disabled in your router. Probably you don't even have a public IPv6 address? Or do you manage DHCP via Pi-hole? Your router needs to send router advertisements (RA) which contain the public IPv6 prefix, so clients can attach themselves a global unicast address (GUA) and the routers IPv6 address as gateway. You can check the IPv6 addresses of your system via: I guess there is only one starting with |
|
Output:
***@***.***:~$ ip -6 a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 fe80::eab9:51b9:d5dd:2adc/64 scope link
valid_lft forever preferred_lft forever
***@***.***:~$ ***@***.***:~$
Pihole points to 127.0.0.1#5335 for unbound.
I use my router for DHCP on the local network.
My router is running DD-WRT and I've made no changes to it recently since first setting up pihole.
David
… On October 3, 2021 at 4:50 PM MichaIng ***@***.***> wrote:
Which upstream DNS do you use in Pi-hole? Ah, sorry you said already that you use Unbound. You use Unbound as recursive DNS server or did you enabled DoT or similar?
... ah actually the resolved IPv4 seems correct (a Cloudflare address), so DNS blocking isn't the issue for freegeoip.app and probably neither for the other two API hosts. No idea whether some firewall elsewhere may be the issue then, something that blocks on IP level, not on DNS level 🤔.
> >
> My question is why don't I have IPv6 response? I don't recall ever disabling that anywhere.
>
> >
It seems it is disabled in your router. Probably you don't even have a public IPv6 address? Or do you manage DHCP via Pi-hole? Your router needs to send router advertisements (RA) which contain the public IPv6 prefix, so clients can attach themselves a global unicast address (GUA) and the routers IPv6 address as gateway. You can check the IPv6 addresses of your system via:
ip -6 a
I guess there is only one starting with fe80::, which is a local link address (LLA) which can only be used to connect to the router itself but not to a remove IPv6 host.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub #4797 (comment) , or unsubscribe https://github.com/notifications/unsubscribe-auth/AV4WFGNSGT4X657OKYKMJYDUFC6ZZANCNFSM5FHZJUGA .
Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub .
|
|
as stated above by @bransond5225 issue is with |
Probably you can browse the DD-WRT settings to check whether you got a public IPv6 address by your ISP and whether the router is providing IPv6 addresses to the local network accordingly. |
|
I will take a look at dd-wrt settings tomorrow.
Thank-you again for all your assistance.
David
… On October 3, 2021 at 5:01 PM MichaIng ***@***.***> wrote:
> >
> My router is running DD-WRT
>
> >
Probably you can browse the DD-WRT settings to check whether you got a public IPv6 address by your ISP and whether the router is providing IPv6 addresses to the local network accordingly.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub #4797 (comment) , or unsubscribe https://github.com/notifications/unsubscribe-auth/AV4WFGKELNGF6AI5D4ZYZILUFDAD3ANCNFSM5FHZJUGA .
Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub .
|
On all my systemd EDIT:
Ah I've overseen this one. Where is this written? |
|
sorry need to revert my statement. I had some human error. Old one is working fine. Just located me wrongly in another state. But in general it's working fine. |
|
Nice would be to allow choosing a different provider, but all have different response formats when the location is included 🤔. So only possible way would be if users enter the |
MichaIng
added
Testing/testers required 🔽
Enhancement 💨
and removed
Investigating 🤔
labels
|
Since we are behind Cloudflare, I found a simple way to provide GeoIP info via our own domain via Cloudflare worker: #4798 Another point is that we have an overall request limit for our workers, so we need to observe also whether DietPi clients are doing too many requests. In case we need to cache the WAN IP on DietPi, e.g. for one hour, cleared via hourly cron job or manually e.g. when DietPi-VPN connects or disconnects from a VPN. |
|
But @bransond5225 let's see if this really solves your issue: curl -sSf https://dietpi.com/geoip |
|
I don't know if you had already implemented this change earlier or not, but when I logged in to my DietPi system at 6:30 am this morning everything was working again.
Also, the curl command works fine from my side.
Thank-you for all the assistance. I really like DietPi OS a lot and I made a financial donation last week to show my appreciation and support.
David
… On October 4, 2021 at 11:36 AM MichaIng ***@***.***> wrote:
Since we are behind Cloudflare, I found a simple way to provide GeoIP info via our own domain via Cloudflare worker. If this get's used by too many clients outside of our scripts, we may add a custom request header or user agent and block all requests which do not match it. But our old myip.php script wasn't overloaded with unintended requests either, so for now it should be fine without any filter.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub #4797 (comment) , or unsubscribe https://github.com/notifications/unsubscribe-auth/AV4WFGPCRCA7JIOHSQG2YMDUFHCWLANCNFSM5FHZJUGA .
Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub .
|
|
Okay, then our guess that it was a temporary issue, probably with the Cloudflare node, or something on ISP side, turned out to be true 🙂. However, the step to not rely on 3rd party providers/APIs but provide own ones for our uses is reasonable anyway. And it was a constant issue that those public APIs often land on blocklists. |
|
@MichaIng |
|
Jep, same from our server, so a region was not found by the service which Cloudflare internally uses (or is it the which is not accurate but it matches the result of the old API, aside of |
|
myself are located in S-A which is as well wrong for my state. But yeah same as the old API. |
|
Okay 😄. I remember we used the city in the past, which was wrong even more often. I think the region is accurate in larger countries like the US, where it matches the state, but in Germany IPs seem to be not reliably attached to specific federal states. |
|
Yeah, it gets my state correct. |
Creating a bug report/issue
Required Information
Linux DietPi 5.10.60-v7+ #1449 SMP Wed Aug 25 15:00:01 BST 2021 armv7l GNU/LinuxSteps to reproduce
SSH into DietPi OS and an error message appears in the WAN IP field
Expected behaviour
WAN IP address should display
Actual behaviour
The following error message: curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number
The text was updated successfully, but these errors were encountered: