Learn F5 Technologies, Get Answers & Share Community Solutions
You are here:
Questions and Answers
+ Ask Question
Change TCP and UDP IP address
There is a way to change TCP or UDP headers?
For example: If some user makes a request to some Web, let’s say www.av.com (18.104.22.168) the irule sees that IP and changes it by someone like (22.214.171.124) in order to redirect the traffic.
The same if use ssh or telnet or any kind of traffic.
set old_IP [scan [IP::local_addr] "%d.%d.%d.%d"]
if $old_IP 126.96.36.199
set new “188.8.131.52”
set new_ip [binary format c4 $new]
TCP::header replace (“ip address”) $new_ip ??????
It looks like you have a wildcard VIP defined where you don't know what the destination IP will be and only want to perform destination address translation for some of the addresses. If that's the case, I'd suggest configuring additional IP Forwarding VIPs for the addresses you do you want to perform address translation for. Set the pool to be the translated address. if you want the translation done for any destination port, set the VIP and pool member port to 0.
If you have a lot of addresses you want to translate, you could use the node command (
) to do it. Make sure to use IP::addr (
) to evaluate the IP address. This is more efficient than a string comparison.
What I want to do is address translation for all public IPs and turns them to private IPs.
I want to trick a router that has a default route 0.0.0.0 to 172.16.20.10. This router sends all unknown traffic to Internet by the router with the 172.16.20.10 IP, but I need that in sometimes it sends all traffic to another router 172.16.20.20. I mean, I need that default route but in some times I do not (what I am trying to do is like a dynamic default route).
I need when all the traffic goes through the LTM an irule changes the public IP to a private one, let’s say 184.108.40.206 to 10.10.10.2, then all traffic goes through the first router. When the packets arrives at the second LTM, another irule changes the private one to a public ip again (the original) 10.10.10.2 to 220.127.116.11
I will hide the public IP into the payload at this way:
Set XX [scan [IP:: remote_addr] " %d.%d.%d.%d"]
Set yy [binary format c4 $xx]
TCP:: payload replace 0 0 $yy
#here I need to change any public IP by a private (18.104.22.168 to 10.10.10.2) or (22.214.171.124 to 10.10.10.2) or any public IP to 10.10.10.2
Then in the second LTM (irule 2) I am going to look for the original IP an put it back again
Set zz [binary scan [TCP:: payload] a4 XX]
#here I need to put the public IP again (the original)
can it be performed with the node command?
I suppose that could be possible to do this as you've described using the node command. You'd need to have address translation enabled on the VIP you try this with.
This seems like a lot of hoops to jump through in order to hack together routing. Can't you change the routing on the intermediate router?
You must be logged in to reply. You can login
Specify an image to upload:
Your post has been identified as spam. If this is not the case, please contact
hint: access search faster by typing