Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

silver78's avatar
silver78
Icon for Nimbostratus rankNimbostratus
Oct 16, 2019

add IP client for SMTP in v13.1: stream::replace not working

HI   I try to add the client IP source in the SMTP stream by using this code but it seems the Stream::replace does not work.   Could you help please ? output:   220 server1 Frontend  ehlo 250...
devops
irules
LTM
boneyard's avatar
boneyard
Icon for MVP rankMVP
Oct 16, 2019

the documentation https://clouddocs.f5.com/api/irules/STREAM_MATCHED.html

 

seems to indicate you have to do a STREAM::expression in another event or get a match from stream profile, did you do that?

 

an irule trick i always do is log at the start of an event, there you can check if the STREAM_MATCHED event triggers. if it doesn't that is step one to fix.

 

when i tested yours on something similar i did indeed not trigger the event at all.

silver78's avatar
silver78
Icon for Nimbostratus rankNimbostratus
Oct 17, 2019

Thank you, it is weird because , only the log local of the client is accepted with real IP. When i enter HELO or EHLO, the stram::expression always is not matched

when CLIENT_ACCEPTED {
        set caddr [IP::client_addr]
        log local0. "Client addr: $caddr"
      STREAM::expression {@^EHLO.*\r\n@@ @^HELO.*\r\n@@}
      STREAM::enable
 
    }
     
 when STREAM_MATCHED {
        set mstring [STREAM::match]
        if { $mstring contains "10.1.2.3" } {
        log local0. "STREAM_MATCHED: string: $mstring replaced with $caddr"
        STREAM::replace "Client_IP\:$caddr"
        STREAM::enable
    }
    }