I'm trying to configure this irule
when HTTP_REQUEST {
if { [class match [HTTP::header values "X-Forwarded-For"] equals XFF_SourceNAT] } {
log local0.alert "Matched XFF [HTTP::header values "X-Forwarded-For"] to group"
set category [class match -value [HTTP::header values "X-Forwarded-For"] equals XFF_SourceNAT]
log local0.alert "Setting category to $category"
NAT traffic according to xforwarded-for header
snatpool $category
} else {
log local0. "No X-Forwarded-For header found."
either for websense updates or traffic is not hitting the xff datagroup
if { [[IP::client_addr] equals 192.168.182.0/16] }
{
pool FW-Pool
} else {
drop
}
}
}
And in datagroup XFF_SourceNAT {address type) I configured:
172.28.0.0/16:= 2.2.2.2
But in the /var/log/ltm is see the follwoing error:
`Jan 23 21:22:49 slot2/f5 err tmm5[9013]: 01220001:3: TCL error: /partition1/SNAT-XFF-irule - bad IP network address format (line 1)invalid IP match item for IP class /ORT/XFF_SourceNAT (line 1) invoked from within "class match [HTTP::header values "X-Forwarded-For"] equals XFF_SourceNAT"
What can be done to fix the issue?