In get_client_ip_addr (crates/iota-core/src/authority_server.rs), two ClientIpStatus branches currently only log + increment a metric and return None instead of rejecting the request:
SocketAddrMissing — IO type doesn't implement Connected, or a unix domain socket is used.XForwardedForInvalidUtf8 — invalid UTF-8 in the x-forwarded-for header.
Once we have confirmed via the connection_ip_not_found and forwarded_header_invalid metrics that no legitimate traffic hits these cases, reject such requests rather than letting them through with no client IP.
In
get_client_ip_addr(crates/iota-core/src/authority_server.rs), twoClientIpStatusbranches currently only log + increment a metric and returnNoneinstead of rejecting the request:SocketAddrMissing— IO type doesn't implementConnected, or a unix domain socket is used.XForwardedForInvalidUtf8— invalid UTF-8 in thex-forwarded-forheader.Once we have confirmed via the
connection_ip_not_foundandforwarded_header_invalidmetrics that no legitimate traffic hits these cases, reject such requests rather than letting them through with no client IP.