Grok IPV6 pattern not supporting IPv6 mapped IPv4 addresses.
jornane opened this issue · comments
Jørn Åne de Jong commented
The IPV6-parser does not recognize IPv6-addresses that contain dots. Linux tends to use these when using an IPv6-socket to connect with IPv4 hosts. Addresses typically look like ::ffff:192.0.2.42
. When trying to parse this with the IP
pattern, it returns IPV4=NULL
and IPV6=::ffff:192
.
Note that just allowing IPV4 to be prefixed by ::ffff:
does not solve this issue. A NAT64-user may use addresses such as 2001:db8:64::192.0.2.42
.
The correct implementation is as follows:
- An IPv6 address may represent the last four bytes in dotted notation, like IPv4, regardless of the rest of the address. (change in IPV6 pattern)
- An IPv4 address may be prefixed by
::ffff:
, but not by anything else (change in IPV4 pattern)
Jørn Åne de Jong commented
A good regex is here: http://stackoverflow.com/a/53499/951387
Andrea Florio commented
how did you solve? did you create a custom pattern based on that regex?