go-ipfs making lot's / requests to 127.0.0.1:8081

[dokterbob]

Version information:

go-ipfs version: 0.4.18-
Repo version: 7
System version: amd64/linux
Golang version: go1.11.1

Type:

Bug

Description:

For unknown reasons, IPFS is making lots of requests to localhost at port 8081.

This might be related to websocket functionality, or it might be that peers announce themselves at 127.0.0.1:8081 and IPFS is stupid enough to follow this.

In any case, we're running a daemon on that port and are now getting a lot of log spam. Moreover, in the latter case described above, this would be a potential privilege escalation. Under no circumstances should we be able to trigger connections to an internal network!

Note that swarm address filters are configured to their defaults:

"AddrFilters": [
      "/ip4/10.0.0.0/ipcidr/8",
      "/ip4/100.64.0.0/ipcidr/10",
      "/ip4/169.254.0.0/ipcidr/16",
      "/ip4/172.16.0.0/ipcidr/12",
      "/ip4/192.0.0.0/ipcidr/24",
      "/ip4/192.0.0.0/ipcidr/29",
      "/ip4/192.0.0.8/ipcidr/32",
      "/ip4/192.0.0.170/ipcidr/32",
      "/ip4/192.0.0.171/ipcidr/32",
      "/ip4/192.0.2.0/ipcidr/24",
      "/ip4/192.168.0.0/ipcidr/16",
      "/ip4/198.18.0.0/ipcidr/15",
      "/ip4/198.51.100.0/ipcidr/24",
      "/ip4/203.0.113.0/ipcidr/24",
      "/ip4/240.0.0.0/ipcidr/4"
    ],

[magik6k]

There seem to be peers announcing this address, we really should filter this out somehow.

[Stebalien]

Closing in favor of libp2p/go-libp2p#436