Forum Discussion

silver78
Oct 16, 2019

add IP client for SMTP in v13.1: stream::replace not working

Hi

I am trying to add the client source IP to the SMTP stream using this code, but it seems STREAM::replace does not work.

Could you help, please?

output:

 

220 server1 Frontend
 ehlo
250-server Hello 10.1.2.3   
250-SIZE 
250 XRDST      

 

 

desired output

 

220 server1  Frontend 
ehlo 
250-server Hello Client addr: 4.5.6.7   
250-SIZE 
250 XRDST

 

code

 

when STREAM_MATCHED {
   set server [string tolower [STREAM::match]]
   if {$server contains "10.1.2.3"} {
       STREAM::replace "10.1.2.3/Client_IP\:[IP::client_addr]"
       STREAM::disable
       log local0. "Client addr: [IP::client_addr]"
   }
}

 

4 Replies

  • The documentation https://clouddocs.f5.com/api/irules/STREAM_MATCHED.html seems to indicate you have to do a STREAM::expression in another event or get a match from the stream profile. Did you do that?

    An iRule trick I always use is to log at the start of an event; there you can check whether the STREAM_MATCHED event triggers. If it doesn't, that is step one to fix.

    When I tested yours on something similar, I indeed did not trigger the event at all.

    • silver78

      Thank you. It is weird because only the log local of the client is accepted with the real IP. When I enter HELO or EHLO, the STREAM::expression is always not matched.

      when CLIENT_ACCEPTED {
          set caddr [IP::client_addr]
          log local0. "Client addr: $caddr"
          STREAM::expression {@^EHLO.*\r\n@@ @^HELO.*\r\n@@}
          STREAM::enable
      }

      when STREAM_MATCHED {
          set mstring [STREAM::match]
          if { $mstring contains "10.1.2.3" } {
              log local0. "STREAM_MATCHED: string: $mstring replaced with $caddr"
              STREAM::replace "Client_IP\:$caddr"
              STREAM::enable
          }
      }
  • If I use the following code:

     

    when CLIENT_ACCEPTED {
        set caddr [IP::client_addr]
        log local0. "Client addr: $caddr"
        STREAM::expression {@.*LO.*\r\n@@}
        STREAM::enable
    }
    when STREAM_MATCHED {
        set mstring [STREAM::match]
        log local0. "STREAM_MATCHED: string: $mstring"
        set replacment [string range $mstring 0 1]
        append replacment "LO $caddr\r\n"
        log local0. "STREAM_MATCHED: replacement string: $replacment"
        STREAM::replace "$replacment"
        event STREAM_MATCHED enable
    }

    I don't have any change in the output

    220 Server1 Default Frontend

    HELO

    250 Server1 Hello [10.1.2.3]

     

     

    Oct 17 11:15:50 slot1/LB01 info tmm[17518]: Rule /Common/IP_payload_v3 <CLIENT_ACCEPTED>: Client addr: 10.4.5.6

    Oct 17 11:15:53 slot1/LB01 info tmm[17518]: Rule /Common/IP_payload_v3 <STREAM_MATCHED>: STREAM_MATCHED: string: HELO

    Oct 17 11:15:53 slot1/LB01 info tmm[17518]: Rule /Common/IP_payload_v3 <STREAM_MATCHED>: STREAM_MATCHED: replacement string: HELO 10.4.5.6

     

     

     

     

    • boneyard

      I believe you are working on the wrong side. The way you do it now, you modify the request sent to the mail server.

      You need an event that is triggered when the server returns data, like the HTTP_RESPONSE in some examples.
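
The server-side approach suggested in the last reply, combined with the log-at-event-start check from the first reply, as an added example that is not code from the thread. It assumes a stream profile is attached to the virtual server, that SERVER_CONNECTED is a suitable server-side event for a non-HTTP virtual server, and that 10.1.2.3 is the address shown in the 250 greeting above.

```tcl
when CLIENT_ACCEPTED {
    # Log first, so the log shows whether this event fires at all.
    log local0. "CLIENT_ACCEPTED fired for [IP::client_addr]"
    # Keep the real client address for use in later events on this connection.
    set caddr [IP::client_addr]
}

when SERVER_CONNECTED {
    log local0. "SERVER_CONNECTED fired"
    # Assumption: setting the expression from a server-side event makes the
    # stream filter scan what the mail server returns (the 250 greeting),
    # not the EHLO/HELO line the client sends.
    # Dots are escaped so the pattern matches only the literal address.
    STREAM::expression {@10\.1\.2\.3@@}
    STREAM::enable
}

when STREAM_MATCHED {
    # If this line never appears in the log, the expression is not being
    # applied to the data that carries the address.
    log local0. "STREAM_MATCHED fired: [STREAM::match] -> Client addr: $caddr"
    STREAM::replace "Client addr: $caddr"
}
```

If the CLIENT_ACCEPTED and SERVER_CONNECTED log lines appear but STREAM_MATCHED does not, compare the expression with the exact bytes of the server greeting, which in the second output above wraps the address in square brackets.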