Forum Discussion
bezeqint
Jan 15, 2012Nimbostratus
automap per source address
hi all,
i would like to know how to build IRule that will do an automap just for source address that i will manage by List.
the issue is that some subscribers that coming to my Virt and go to the servers need to go with NAT and all the rest should go direct without any changes of the source address.
Regards.
- nitassEmployeee.g.
[root@ve1023:Active] config b virtual bar list virtual bar { pool foo destination 172.28.19.79:80 ip protocol 6 rules myrule } [root@ve1023:Active] config b pool foo list pool foo { members 200.200.200.101:80 {} } [root@ve1023:Active] config b rule myrule list rule myrule { when CLIENT_ACCEPTED { if {[class match -- [IP::client_addr] equals my_address_list]} { snat automap } } } [root@ve1023:Active] config b class my_address_list list class my_address_list { { host 1.1.1.1 network 2.2.2.0/24 network 192.168.206.0/24 } } when client is 172.28.19.251, source is not translated. [root@ve1023:Active] config tcpdump -nni 0.0 'tcp[13] & 2!=0' tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on 0.0, link-type EN10MB (Ethernet), capture size 108 bytes 02:29:45.708531 IP 172.28.19.251.42571 > 172.28.19.79.80: S 1677468122:1677468122(0) win 5840 02:29:45.708578 IP 172.28.19.79.80 > 172.28.19.251.42571: S 1344191834:1344191834(0) ack 1677468123 win 4380 02:29:45.710657 IP 172.28.19.251.42571 > 200.200.200.101.80: S 3311993428:3311993428(0) win 4380 02:29:45.711666 IP 200.200.200.101.80 > 172.28.19.251.42571: S 2029372087:2029372087(0) ack 3311993429 win 5792 when client is 192.168.206.42, source is translated to 200.200.200.10 (selfip). [root@ve1023:Active] config tcpdump -nni 0.0 'tcp[13] & 2!=0' tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on 0.0, link-type EN10MB (Ethernet), capture size 108 bytes 02:30:12.381535 IP 192.168.206.42.55524 > 172.28.19.79.80: S 3342265976:3342265976(0) win 8192 02:30:12.381574 IP 172.28.19.79.80 > 192.168.206.42.55524: S 3109283800:3109283800(0) ack 3342265977 win 3780 02:30:12.382670 IP 200.200.200.10.55524 > 200.200.200.101.80: S 3939564967:3939564967(0) win 4380 02:30:12.383675 IP 200.200.200.101.80 > 200.200.200.10.55524: S 2406281639:2406281639(0) ack 3939564968 win 5840
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects