how to get Source IP address

Hi Surya,

You can create an irule that will log the client ip address on the LTM

 
  
 when CLIENT_ACCEPTED { 
     log local0. "This is the clients up address [IP::client_addr]" 
 } 
 

Let me know if this answers your question

Bhattman

basically i want to store that source ip into a variable so that i can pass it to my web server

Hi Surya,

 

If you have HTTP profile setup on the VIP then you can enable X-Forwarded-For insertion on that HTTP profile. This allows LTM to pass the original client IP in a custom HTTP header in requests to the pool members which, in your case, happen to web servers.

 

 

Of course the webservers will need to look for that particular header.

 

 

Bhattman

 

 

As CB suggests, you can configure LTM to insert the original client IP address it receives in the X-Forwarded-For header. SOL4816 details this and configuring the web server to log this:

 

 

SOL4816: Using the X-Forwarded-For HTTP header to preserve the original client IP address for traffic translated by a SNAT

 

https://support.f5.com/kb/en-us/solutions/public/4000/800/sol4816.html

 

 

Aaron

Is there an irule that can insert xff only if one is not present. In other words I don't want to append to an existing x-forwarded-for header.

Just insert a quick check before doing the addition of a header to see if it already exists...

 

 

What I often found useful was to pull the current value, and APPEND the new XFF value to an already existing one. Then when you get chained proxies, you still get all the information (Since ofthen if the user is behind a proxy you'll see their original address in the XFF, not the address that your LTM sees).

 

 

H