> Date: Monday, March 21, 2022 07:28:12 +0100 > From: Bo Berglund <bo.berglund@xxxxxxxxx> > > On Sun, 20 Mar 2022 23:33:56 +0100, Micha <micha.faul@xxxxxx> wrote: > >> Indeed, it is the basic concept of a NAT that external servers >> only see the public IP of the router and not the private LAN IP of >> the client behind the NAT. >> >> An alternative of passing the local IP as URL parameter/query >> string, is to pass it as custom request header. > > This means that the device address is hidden from view.... > I had hoped that some header item would be this address in order to > facilitate some kind of callback. Of course I do not intend to call > back at all but rather find the local LAN address of the switch. > The device is an IoT type gadget so it is not using any browser or > such when sending data, just minimalistic http code, I believe... > > If I can get the IP address then I can (on that local LAN) connect > to the switch's own webpage for configuration purposes and also to > read out actual state data... > Think of the privacy and security implications if this was possible. Being able to use such an option to map the internals of a network - corporate or otherwise - should raise all manner of concerns.