atoth
May 12, 2017Cirrus
Best way to send client ip info to windows ADS domain controllers.
I've got several vips with ADS domain controllers underneath them. They aren't using HTTP traffic, so X-Insert-For doesn't work for them. I implemented the below irule, but for some reason it only worked in their dev and qa environment, but not in their prod. What I would like to know if the below irule is good, or if there's a better irule or method to getting them the client ips. They can't turn off snat and use the F5 as their default gateway, so that's out.
when CLIENT_ACCEPTED {
set hsl { HSL::open -proto TCP -pool }
HSL::send $hsl "Client's ip address is [IP::client_addr]:[TCP::client_port].\n"
}
I've applied this to irule to four ports of 3268, 3269, 636 and 389.