Conditional SNAT based on source IP

Question

Hello All,&nbsp;
I'm working on a task to configure an irule to do a conditional SNAT based on source IP.
when CLIENT_ACCEPTED {
    if { [matchclass [IP::client_addr] equals DNS_SNAT_TEST]} {
        snatpool SNAT_POOL_LAN
      }
else{
snat none
   }&nbsp;
   }
Could you please help me to ensure the above logic work? Anything else I have to add with this irule?&nbsp;
Regards,
Thiyagu&nbsp;

crodriguez · Answer

Unless you're running an older version of BIG-IP software, I would use the CLASS MATCH command rather than MATCHCLASS. FINDCLASS and MATCHCLASS are deprecated as of v10. The CLASS MATCH equivalent of your MATCHCLASS command is:
class match [IP::client_addr] equals DNS_SNAT_TEST

Forum Discussion

Conditional SNAT based on source IP

1 Reply

Recent Discussions

F5 Rseries HA

Error when running bigip_command Playbook against LTM : Syntax Error: unexpected argument /bin/sh\n

Can iRule be used to perform exception of IPI category based on Geolocation

Can iRule mask the payload content on event logs of security

minimum tmos software version for connect CIS (openshift)

Related Content

Demystifying Time-based OTP

Leverage F5 BIG-IP APM and Azure AD Conditional Access Easy button

Source IP Based Pool Routing

Cookie-based DDoS protection

iRules 101 - #13 - Nested Conditionals