Apply a Policy to an SNAT list
I have a SNAT list which translates outgoing traffic from a particular internal IP to a pool of external IPs. This is used for proxying to tax agency sites.
Recently we got dinged on a "security" audit because some of our scraping software uses a user-agent string for an old version of Chrome. The admin for the robots says this cannot be changed so I was told to find a way to fix it.
I first looked at using an irule but found a forum post recommending this is better done with a policy. I created a policy that replacing any user-agent header claiming to be chrome to the (mostly) latest and greatest value. However, I cannot see how to apply this policy to the pool of addresses.
Can this even be done? If so how?
To apply such a policy to https traffic, clientssl and serverssl profile will be necessary, and also and http profile, as the policy is intended to modify the http traffic.
If you have such a configuration, it seems there is even no way to set a condition matching selected pool. Then you should probably write an iRule for this, or find another matching solution (like source ip of the server hosting the scrapper maybe ?)