5 files changed, 24 insertions, 22 deletions
diff --git a/Jellyfin.Server/Extensions/ApiApplicationBuilderExtensions.cs b/Jellyfin.Server/Extensions/ApiApplicationBuilderExtensions.cs
index 463ca7321..b6af9baec 100644
--- a/Jellyfin.Server/Extensions/ApiApplicationBuilderExtensions.cs
+++ b/Jellyfin.Server/Extensions/ApiApplicationBuilderExtensions.cs
@@ -63,9 +63,9 @@ namespace Jellyfin.Server.Extensions
         /// </summary>
         /// <param name="appBuilder">The application builder.</param>
         /// <returns>The updated application builder.</returns>
-        public static IApplicationBuilder UseIpBasedAccessValidation(this IApplicationBuilder appBuilder)
+        public static IApplicationBuilder UseIPBasedAccessValidation(this IApplicationBuilder appBuilder)
         {
-            return appBuilder.UseMiddleware<IpBasedAccessValidationMiddleware>();
+            return appBuilder.UseMiddleware<IPBasedAccessValidationMiddleware>();
         }
 
         /// <summary>
diff --git a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
index 9867c9e47..ea3c92011 100644
--- a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
+++ b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
@@ -99,7 +99,7 @@ namespace Jellyfin.Server.Extensions
         }
 
         /// <summary>
-        /// Extension method for adding the jellyfin API to the service collection.
+        /// Extension method for adding the Jellyfin API to the service collection.
         /// </summary>
         /// <param name="serviceCollection">The service collection.</param>
         /// <param name="pluginAssemblies">An IEnumerable containing all plugin assemblies with API controllers.</param>
@@ -260,7 +260,7 @@ namespace Jellyfin.Server.Extensions
         }
 
         /// <summary>
-        /// Sets up the proxy configuration based on the addresses in <paramref name="allowedProxies"/>.
+        /// Sets up the proxy configuration based on the addresses/subnets in <paramref name="allowedProxies"/>.
         /// </summary>
         /// <param name="config">The <see cref="NetworkConfiguration"/> containing the config settings.</param>
         /// <param name="allowedProxies">The string array to parse.</param>
@@ -269,33 +269,37 @@ namespace Jellyfin.Server.Extensions
         {
             for (var i = 0; i < allowedProxies.Length; i++)
             {
-                if (IPNetAddress.TryParse(allowedProxies[i], out var addr))
+                if (IPAddress.TryParse(allowedProxies[i], out var addr))
                 {
-                    AddIpAddress(config, options, addr.Address, addr.PrefixLength);
+                    AddIPAddress(config, options, addr, addr.AddressFamily == AddressFamily.InterNetwork ? 32 : 128);
                 }
-                else if (IPHost.TryParse(allowedProxies[i], out var host))
+                else if (NetworkExtensions.TryParseToSubnet(allowedProxies[i], out var subnet))
                 {
-                    foreach (var address in host.GetAddresses())
+                    if (subnet != null)
                     {
-                        AddIpAddress(config, options, address, address.AddressFamily == AddressFamily.InterNetwork ? 32 : 128);
+                        AddIPAddress(config, options, subnet.Prefix, subnet.PrefixLength);
+                    }
+                }
+                else if (NetworkExtensions.TryParseHost(allowedProxies[i], out var addresses))
+                {
+                    foreach (var address in addresses)
+                    {
+                        AddIPAddress(config, options, address, address.AddressFamily == AddressFamily.InterNetwork ? 32 : 128);
                     }
                 }
             }
         }
 
-        private static void AddIpAddress(NetworkConfiguration config, ForwardedHeadersOptions options, IPAddress addr, int prefixLength)
+        private static void AddIPAddress(NetworkConfiguration config, ForwardedHeadersOptions options, IPAddress addr, int prefixLength)
         {
-            if ((!config.EnableIPV4 && addr.AddressFamily == AddressFamily.InterNetwork) || (!config.EnableIPV6 && addr.AddressFamily == AddressFamily.InterNetworkV6))
+            if ((!config.EnableIPv4 && addr.AddressFamily == AddressFamily.InterNetwork) || (!config.EnableIPv6 && addr.AddressFamily == AddressFamily.InterNetworkV6))
             {
                 return;
             }
 
-            // In order for dual-mode sockets to be used, IP6 has to be enabled in JF and an interface has to have an IP6 address.
-            if (addr.AddressFamily == AddressFamily.InterNetwork && config.EnableIPV6)
+            if (addr.IsIPv4MappedToIPv6)
             {
-                // If the server is using dual-mode sockets, IPv4 addresses are supplied in an IPv6 format.
-                // https://docs.microsoft.com/en-us/aspnet/core/host-and-deploy/proxy-load-balancer?view=aspnetcore-5.0 .
-                addr = addr.MapToIPv6();
+                addr = addr.MapToIPv4();
             }
 
             if (prefixLength == 32)
diff --git a/Jellyfin.Server/Extensions/WebHostBuilderExtensions.cs b/Jellyfin.Server/Extensions/WebHostBuilderExtensions.cs
index 58d3e1b2d..3cb791b57 100644
--- a/Jellyfin.Server/Extensions/WebHostBuilderExtensions.cs
+++ b/Jellyfin.Server/Extensions/WebHostBuilderExtensions.cs
@@ -39,9 +39,9 @@ public static class WebHostBuilderExtensions
                 var addresses = appHost.NetManager.GetAllBindInterfaces();
 
                 bool flagged = false;
-                foreach (IPObject netAdd in addresses)
+                foreach (var netAdd in addresses)
                 {
-                    logger.LogInformation("Kestrel listening on {Address}", IPAddress.IPv6Any.Equals(netAdd.Address) ? "All Addresses" : netAdd);
+                    logger.LogInformation("Kestrel is listening on {Address}", IPAddress.IPv6Any.Equals(netAdd.Address) ? "All IPv6 addresses" : netAdd.Address);
                     options.Listen(netAdd.Address, appHost.HttpPort);
                     if (appHost.ListenWithHttps)
                     {
diff --git a/Jellyfin.Server/Migrations/PreStartupRoutines/CreateNetworkConfiguration.cs b/Jellyfin.Server/Migrations/PreStartupRoutines/CreateNetworkConfiguration.cs
index 5e601ca84..2c2715526 100644
--- a/Jellyfin.Server/Migrations/PreStartupRoutines/CreateNetworkConfiguration.cs
+++ b/Jellyfin.Server/Migrations/PreStartupRoutines/CreateNetworkConfiguration.cs
@@ -114,9 +114,7 @@ public class CreateNetworkConfiguration : IMigrationRoutine
 
         public bool IgnoreVirtualInterfaces { get; set; } = true;
 
-        public string VirtualInterfaceNames { get; set; } = "vEthernet*";
-
-        public bool TrustAllIP6Interfaces { get; set; }
+        public string[] VirtualInterfaceNames { get; set; } = new string[] { "veth" };
 
         public string[] PublishedServerUriBySubnet { get; set; } = Array.Empty<string>();
 
diff --git a/Jellyfin.Server/Startup.cs b/Jellyfin.Server/Startup.cs
index 6394800f7..b759b6bca 100644
--- a/Jellyfin.Server/Startup.cs
+++ b/Jellyfin.Server/Startup.cs
@@ -213,7 +213,7 @@ namespace Jellyfin.Server
                 mainApp.UseAuthorization();
 
                 mainApp.UseLanFiltering();
-                mainApp.UseIpBasedAccessValidation();
+                mainApp.UseIPBasedAccessValidation();
                 mainApp.UseWebSocketHandler();
                 mainApp.UseServerStartupMessage();