can CF-Connecting-IP be faked?

Hey everyone, I wanna know can CF-Connecting-IP be faked like "X-Forwarded-For"?, in other words: How does Cloudflare know customer IP? and on which layer does it rely?
15 Replies
Cyb3r-Jak3
Cyb3r-Jak310mo ago
It is the IP that connected to Cloudflare’s edge which is the header. It cant be faked because it will always be overridden and isn’t possible to be edited through any Cloudflare process. But also just because a request has the connecting IP header doesn’t mean it came from Cloudflare. People can spoof the header.
Pato
PatoOP10mo ago
whitelisting cloudflare IPs only should solve this problem
Cyb3r-Jak3
Cyb3r-Jak310mo ago
Yes it would
Pato
PatoOP10mo ago
I get that, but on which TCP/IP layer does it figure out a customer's IP (I hope not the application layer, right?) yeah yeah, but I just wanna make sure that it does not rely on the headers to figure out my IP like X-Forwarded-For or any other param when the packet arrives, how does it figure out my IP? is this a better question? like how does it know this is Pato's IP? on which base does it rely on? located in? the internet layer? yeah I know that, exactly thats why im hoping it does not rely on the application layer
Cyb3r-Jak3
Cyb3r-Jak310mo ago
The only place where an IP is guaranteed is the internet layer.
Pato
PatoOP10mo ago
so? the internet layer, right?
Cyb3r-Jak3
Cyb3r-Jak310mo ago
Yes
Pato
PatoOP10mo ago
any document?
Cyb3r-Jak3
Cyb3r-Jak310mo ago
On what? The TCP/IP model?
Pato
PatoOP10mo ago
cloudflare grabbing user IP from the internet layer
Cyb3r-Jak3
Cyb3r-Jak310mo ago
Because there’s no other place to grab it?
Pato
PatoOP10mo ago
ur right, it is cloudflare afterall, I would've liked a reassurance @Helpflare what do you think?
Cyb3r-Jak3
Cyb3r-Jak310mo ago
I mean where else do you think they could grab the IP from?
Chaika
Chaika10mo ago
helpflare is a bot lol
radakul
radakul10mo ago
Pato, you may want to look into Wireshark to better understand what IP's are transiting your network. It sounds like Chaika and Cyber are both giving you a clear answer, but the understanding needs to be expanded around how de/encapsulation works for packets/frames as they move up and down the OSI model "stack" X-Forwarded-For (and similar headers) are in a higher layer of the stack, IP's are lower. So figure out which portion of your question you're trying to elaborate on, which will help folks answer the question more correctly.
Want results from more Discord servers?
Add your server