Forum Discussion

Cirrostratus

Jul 01, 2020

Alternative to getfield to check XFF client IP using data group

Hi All, We ran into a bug when upgrading to 13.1.3.3 that process an iRule to check the client IP address in an XFF header against what is defined in a data group "DG-ALLOWED-IP". Is there an...

Nacreous

Jul 03, 2020

Having not been notified of updates to this topic...

Update [string trim $CHECK_IP] to...

[string trim $CHECK_IP {{} }]

But if you put James proc above the top if your original iRule you can simplify to this...

set CHECK_IP [call get_xff_ip]

ant77

Cirrostratus

Jul 06, 2020

Thank you Kevin for all your help. Much appreciated man!

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Alternative to getfield to check XFF client IP using data group

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Managing iRules configuration

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

[ASM] - How to disable the SQL injection attack signatures

Illigal Parameter addition as custom signature set wanted to Unblock

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

Related Content

The Ingress NGINX Alternative: F5 NGINX Ingress Controller for the Long Term

set TOKEN [getfield [HTTP::uri]

F5 RHI Solution an alternative to GSLB load balancing between Datacenters

F5 Distributed Cloud - Traffic Steering based on Client IP Address

HTTP throttle alternative

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS