SNAT based on HTTP::HEADER (and SNAT)

Question

Hi, we have implemented a virtual with two apache behind in round-robin balance. We need to configure a persistence based on a http::header "x-forwarded-for" ip original client.&nbsp;
The persistence works great. In addition we want to check if the ip client original it's in specific subnet (like 172.16.0.0/16) and make a snat decision bases of the presence in the ip subnet.&nbsp;
Thanks!&nbsp;
regards
Michele &nbsp;

what_lies_bene1 · Answer

Something like this (untested):set origin_ip [HTTP::header "x-forwarded-for"]

if { $origin_ip == "" }
 return
elseif { [IP::addr $origin_ip equals 172.16.0.0/16] } {
 snatpool X }
else {
 snat x.x.x.x }

Forum Discussion

SNAT based on HTTP::HEADER (and SNAT)

1 Reply

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Port Group on F5OS network setting

Advise on setting up IRULE

F5 iRule to replace host to path

Related Content

Select pool based on HTTP host header

Revocation Status in HTTP Request Header

Session persistence based on http header for machine to machine calls

APM AdAuth HTTP Header Insert iRule Switch Statement

Restricting Access to Virtual from client IP address in X-Forwarder-For HTTP header