Rich_Caldwell_1
Aug 16, 2005

Help with "smart SNAT"

I need to build an intelligent SNAT iRule that will not SNAT traffic when communicating with a particular subnet, and otherwise uses the defined SNATs on the box. I have been following the post below, but I seem to get a syntax error.

 

http://devcentral.f5.com/default.aspx?tabid=28&view=topic&forumid=5&postid=1540

Here is my iRule:

when CLIENT_ACCEPTED {
    If {[IP::addr 68.28.198.0 equals "[IP::local_addr]/255.255.255.0"]} {
        use snatpool none
    }
}

Here is the error I get:

01070151:3: Rule [Internal_to_Exchange_no_SNAT] error:
line 2: [undefined procedure: If] [If {[IP::addr 68.28.198.0 equals "[IP::local_addr]/255.255.255.0"]} {
snat none
}]

 

 

What I am trying to do is to not SNAT traffic when the clients from the internal VLAN are communicating with hosts on the 68.28.198.0/24 network. All other communication should use the defined SNATs below:

snat Rebceefe_Outbound_68.28.198.10 {
    translation 68.28.198.10
    origin 10.25.68.20
    origin 10.25.68.30
    origin 10.25.68.40
    origin 10.25.68.50
    vlan BCEE_Int_App enable
}

snat Rebceesog_Outbound_68.28.198.15 {
    translation 68.28.198.15
    origin 10.25.68.83
    origin 10.25.68.86
    vlan BCEE_Int_App enable
}

snat Rebceeng_Outbound_68.28.198.10 {
    translation 68.28.198.10
    origin 10.25.68.76
    origin 10.25.68.80
    vlan BCEE_Int_App enable
}

 

 

Any idea what might be wrong with my rule or syntax? Or is there a better way to handle this?

2 Replies

  • unRuleY_95363
    Historic F5 Account
    BTW, for the mask you can use any of the following forms:

    a.b.c.d/prefixlen
    a.b.c.d/e.f.g.h
    a.b.c.d mask e.f.g.h

    So, if you want you could type "[IP::local_addr]/24".

    Just an FYI.
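
The "undefined procedure: If" error quoted in the question comes from Tcl's case-sensitive command names: only lowercase "if" exists. A corrected form of the rule follows as an added example that is not part of the original thread; it assumes the "snat none" command shown in the error output and the /24 mask form from the reply.

```tcl
# Added example, not code from the thread.
# Tcl command names are case-sensitive, so the conditional must be "if".
when CLIENT_ACCEPTED {
    # True when the address the client connected to lies in 68.28.198.0/24.
    # The /24 mask is applied to [IP::local_addr] before the comparison.
    if { [IP::addr 68.28.198.0 equals "[IP::local_addr]/24"] } {
        # Leave the source address untranslated for this connection.
        snat none
    }
    # No else branch (assumption about the intended behaviour): every other
    # connection is left untouched so the configured snat objects apply.
}
```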