Forum Discussion

David_revilla_f
Nov 21, 2007

Snat or nat sentences

Hi everyone,

I am composing this iRule:

    rule subscription {
       when HTTP_REQUEST {
          if { [[TCP::remote_port] == 20001]] or [[TCP::remote_port] == 30001]] or [[TCP::remote_port] == 20002]] or [[TCP::remote_port] == 30002]] } {
             nat { 192.168.1.51 to 172.16.50.195 }
             nat { 192.168.1.52 to 172.16.50.244 }
          }
       }
    }
    when HTTP_REPLY {
       if { [[TCP::remote_port] == 20001]] or [[TCP::remote_port] == 30001]] or [[TCP::remote_port] == 20002]] or [[TCP::remote_port] == 30002]] } {
          nat { 192.168.1.51 to 172.16.50.195 }
          nat { 192.168.1.52 to 172.16.50.244 }
       }
    }
    }

I do not know if the nat sentence is correct or if I have to use snat instead. In both cases, which is the correct format for this type of sentence?

Thank you very much in advance.

David

2 Replies

  • Hi David,

    There isn't an iRule command to dynamically create a NAT. If you want to apply a source address translation on the request sent to the destination server, you can use the SNAT command (Click here). If you want to only apply the SNAT for specific client IP addresses, you can evaluate them using the IP::addr command (Click here). Also, you don't need to do anything in the HTTP_RESPONSE event in order for TMM to reverse the translation for responses back to the client.

    If you're wanting to check the TCP port the client made the request to, you can use TCP::local_port in clientside events. A switch statement would be an efficient way to check this.

    Lastly, if you're only using IP and port information, you can use the CLIENT_ACCEPTED event instead of the HTTP_REQUEST event (Click here).

    
    when CLIENT_ACCEPTED {
       switch [TCP::local_port] {
          20001 -
          20002 -
          30001 -
          30002 {
             # request was to one of the listed TCP ports
             # check the client IP address to see if we apply the source address translation
             if {[IP::addr [IP::client_addr] equals 192.168.1.51]} {
                # apply source address translation
                snat 172.16.50.195
             # check the client IP address to see if we apply the source address translation
             } elseif {[IP::addr [IP::client_addr] equals 192.168.1.52]} {
                # apply source address translation
                snat 172.16.50.244
             }
          }
       }
    }

    Aaron