Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters
Answers

Insert client IP into tcp payload

I have been searching the boards for weeks. I have communicated with about a dozen peers. None of us can figure out how to insert the client IP address into the tcp payload. My customer wants the following format of data inserted into the head of the packet payload. !IP=w.x.y.z! is there an easy way to accomplish this. All I can think of is to use the TCP::payload option to load the entire packet into memory, then re-create it with the relevant commands, and re-write it. I've tried this method but cannot get it to work. Please help with code sample if possible.

1
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi Matthew, Have you looked into TCP::option? Devcentral Master Jason Rahm wrote up an article about it back in 2011.

 https://devcentral.f5.com/articles/accessing-tcp-options-from-irules#.U5shRiTSBKQ

I hope this helps -=Bhattman=-

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

My customer has told me that they cannot use the TCP options header. Is there a way to place the originating client IP into the head of the payload?

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

So you are taking about the head of the payload is at the IP level. As far as I know F5 doesn't have commands that rip into the ip header information from the perspective of the iRule - atleast to the best of my knowledge.

-=Bhattman=-

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

not sure what you've discussed/tested off-devcentral, but ran across this older post: https://devcentral.f5.com/questions/raw-tcp-insert

what type of application traffic is it?

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
when CLIENT_ACCEPTED { 
TCP::collect 
}

when CLIENT_DATA { 
set ippayload [IP::remote_addr]
set newip "\!IP=$ippayload\!" 
set oldpayload [TCP::payload]
set newpayload "$oldpayload$newip"
TCP::payload replace 0 [TCP::payload length] ""
TCP::payload replace 0 0 $newpayload
log local0. "newpayload is:[TCP::payload]"
TCP::release

}

The test results

May 22 01:21:39 bigip1 info tmm1[10405]: Rule /Common/tcp_payload_1 : newpayload is:GET /~img27 HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, /;q=0.5 Referer: http://10.128.10.123/ Accept-Language: zh-CN User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: 10.128.10.123 Connection: Keep-Alive !IP=10.128.10.1!

0