For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

ragunath154's avatar
ragunath154
Icon for Cirrostratus rankCirrostratus
Feb 15, 2021

APM set x-forward-for ip as perflow.client.ip.address

hi

i need to set the x-forwrd-for ip as perflow.client.ip.address value.

i have enabled accept x-forward for in http profile, but still perflow.client.ip.address get the actual client ip.

 

how can i achieve this.

 

application delivery
BIG-IP Access Policy Manager (APM)
iRules

2 Replies

  • Daniel_Wolf's avatar
    Daniel_Wolf
    Icon for MVP rankMVP
    Feb 15, 2021

    Hi,

    how about using an Access Policy Agent event for per-request policy in an iRule. Here is an example iRule.

    when HTTP_REQUEST {
    if { [HTTP::header values "X-Forwarded-For"] ne "" } {
        log local0. "X-Forwarded-For: [HTTP::header X-Forwarded-For]"
        set clientip [getfield [HTTP::header X-Forwarded-For] "," 1]
    }
}
 
when ACCESS_PER_REQUEST_AGENT_EVENT {
    if { [ACCESS::perflow get perflow.irule_agent_id] eq "EVENT_NAME" } {
        ACCESS::perflow set perflow.custom $clientip  
    }
}

    This will check if the header is set and if it exists it will write the IP to a variable and also will log it to /var/log/ltm.

    Then, once matching an Access Policy Agent event for per-request policies (in this example the event is called EVENT_NAME) it will reuse this variable and write to IP the to perflow.custom variable. This perflow variable you could use as a gating category.