zafer
May 11, 2009

logging client ip address with nat

Hello

I use this iRule for logging client IP address and server communications:

when CLIENT_ACCEPTED {
    log local0. "client: [IP::remote_addr]:[TCP::remote_port] -> dest: [IP::local_addr]:[TCP::local_port]"
}

when SERVER_CONNECTED {
    log local0. "client: [IP::local_addr]:[TCP::local_port] -> dest: [IP::remote_addr]:[TCP::remote_port]"
}

But we will enable an application firewall before the BIG-IP, and it's another box, and they natted the connection on their box; they will send the client IP address with a header (HTTP_CLIENT).

How do you suggest I get the client IP address from the header and insert it into my rule?

Regexp, for finding the client IP in the header?

Regards

zafer

 

2 Replies

  • You can intercept the header in the iRule without regexp

    http://devcentral.f5.com/wiki/default.aspx/iRules/HTTP__header.html

    It would be something like

    set variablename [HTTP::header "HTTP_CLIENT"]

    From there you can use that variablename for whatever you deem important.

    Hope this helps

    CB

  • zafer
    Hello

    Here is the traffic flow:

    client --> waf ---> LTM ---> server

    WAF and LTM natted the connection and we lose the client IP address.

    I want to get the client IP address from the WAF HTTP request and send it through to the server access logs, and I want to log who connected to the VIP address and member addresses.

    Can you give me any sample for this issue?

    Thanks

    zafer
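
A sample iRule for the client --> waf --> LTM --> server flow described in this thread, added here as an example and not written by either poster. It trusts the HTTP_CLIENT header only on connections arriving from the WAF, validates it as an IPv4 address before it reaches the log, and reuses it in the server-side log line; the WAF address 192.0.2.10 and the variable names are assumptions.

```tcl
when HTTP_REQUEST {
    # Assumption: 192.0.2.10 is a placeholder for the WAF's source address.
    set from_waf [IP::addr [IP::client_addr] equals 192.0.2.10]
    # Default to the TCP peer address when no trustworthy header is present.
    set real_client [IP::client_addr]

    if { $from_waf && [HTTP::header exists "HTTP_CLIENT"] } {
        set hdr [HTTP::header value "HTTP_CLIENT"]
        # Accept the value only if it is exactly four octets in 0-255, and
        # rebuild it from the parsed numbers so nothing else in the header
        # (spaces, line breaks, extra text) reaches the log line.
        if { [scan $hdr {%d.%d.%d.%d%s} a b c d rest] == 4
             && $a >= 0 && $a <= 255 && $b >= 0 && $b <= 255
             && $c >= 0 && $c <= 255 && $d >= 0 && $d <= 255 } {
            set real_client "$a.$b.$c.$d"
        } else {
            log local0. "invalid HTTP_CLIENT header from [IP::client_addr], using peer address"
            HTTP::header remove "HTTP_CLIENT"
        }
    } elseif { !$from_waf } {
        # Not sent by the WAF: drop the header so the server's access log
        # never records a client-supplied value.
        HTTP::header remove "HTTP_CLIENT"
    }

    log local0. "client: $real_client (peer [IP::client_addr]:[TCP::client_port]) -> vip: [IP::local_addr]:[TCP::local_port]"
}

when SERVER_CONNECTED {
    # Server-side context: local = BIG-IP source address, remote = pool member.
    log local0. "client: $real_client -> snat: [IP::local_addr]:[TCP::local_port] -> member: [IP::remote_addr]:[TCP::remote_port]"
}
```

SERVER_CONNECTED fires once per server-side connection, so later requests reusing a keep-alive connection appear only in the HTTP_REQUEST log line. The header itself is passed through to the pool member unchanged when it came from the WAF, so the server can record it in its own access log.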