Forum Discussion

Red_19's avatar
Red_19
Icon for Nimbostratus rankNimbostratus
Apr 08, 2019

iRule to retrieve the first IP from an HTTP header

Requirement: client traffic will have a header named "Client_IP_XFF" which will have more than 1 IP. They want the LTM to retrieve the first IP from this header and insert it into X-Forwarded-For header. VIP will also get client traffic that will have standard X-forwarded-for folder.

 

The irule I applied on the VIP is as below, but this isn't going to get the first IP from the folder. Any suggestions on how this can be modified ?

 

create ltm rule XFF_ClientIP when HTTP_REQUEST { if {[HTTP::header exists "Client_IP_XFF"]}{ HTTP::header remove X-Forwarded-For HTTP::header insert X-Forwarded-For [HTTP::header value "X-Client-IP"] } else {

 

HTTP::header remove X-Forwarded-For HTTP::header insert X-Forwarded-For [getfield [IP::client_addr] % 1] } }

 

example of X-Client-IP data : 10.11.20.19,127.0.0.1 irule should get them 10.11.20.19 IP.

 

application delivery
iRules

1 Reply

Sort By
  • Lee_Sutcliffe's avatar
    Lee_Sutcliffe
    Icon for Nacreous rankNacreous
    Apr 08, 2019

    You need to convert the multiple IP addresses into a TCL list using '

    ,
    ' as a delimiter. Then use 
    lindex
    to return the first element.

    I've modified your iRule a bit, try the following and let me know how you get on.

    when HTTP_REQUEST {

     remove XFF header, will inset this again later
    if {[HTTP::header exists "X-Forwarded-For"]} {
        HTTP::header remove "X-Forwarded-For"
    }

    if {[HTTP::header exists "Client_IP_XFF"]}{
         split Client_IP_XFF value into a list
        set ipList [split [HTTP::header value "Client_IP_XFF"] ","]
         use first element of list for XFF value
        HTTP::header insert "X-Forwarded-For" [lindex $ipList 0] 
    } else {
        HTTP::header insert "X-Forwarded-For" [getfield [IP::client_addr] % 1] 
    } 
}