Filtering client IP using HSL in irules

Question

We have the following hsl configured on the irule which works just fine with all the traffic. I need to add a filter on the below HSL config to log traffic only from specific client IP addresses. Any guidance is appreciated.
when HTTP_REQUEST {&nbsp;
set hsl [HSL::open -proto UDP -pool SYSLOG_POOL] 
set http_request_time [clock clicks -milliseconds] 
HTTP::collect 4096
set LogString "&lt;190&gt; [IP::client_addr]:[TCP::client_port]-&gt;[IP::local_addr]:[TCP::local_port]; [HTTP::host]" &nbsp;
host header translation function
HSL::send $hsl "$LogString REQUEST HOST HEADER TRANSLATED -----&gt; [HTTP::host]"&nbsp;
}&nbsp;
when HTTP_RESPONSE {&nbsp;
set hsl [HSL::open -proto UDP -pool SYSLOG_POOL] 
HSL::send $hsl "[IP::client_addr]:[TCP::client_port]-&gt;[IP::local_addr]:[TCP::local_port] RESPONSE FROM SERVER ---&gt; [LB::server])" &nbsp;
}&nbsp;

patrik_jonsson · Answer

Enclose the logic in an if statement:&nbsp;if { [IP::addr [IP::client_addr] equals 1.2.3.4] } {
    execute existing code
}Make sure to do it in both events and you should be fine.&nbsp;/Patrik&nbsp;

Forum Discussion

Filtering client IP using HSL in irules

1 Reply

Recent Discussions

Advise on setting up IRULE

google autenticator broken barcode

Port Group on F5OS network setting

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Unwinding the Benefits of Investing in White Label Crypto Wallet

Related Content

iRule based RADIUS Client Stack

Client-Certificate and IP-Whitelisting via Policy or iRule?

iRule to accept client then SSL cert validation

ASM filtered HTML exceeded limit: event code C190 Filtered Response HTML exceeded max limit

F5 Client filtering based on cisco switch port info