Forum Discussion
Apr 25, 2014
Hi!
Why not SNAT all traffic then and insert XFF headers, which can then enable logging of the client's real IP on the web server?
One thing I can think of is using the LB_FAILED event in conjunction with HSL. Maybe somebody can think of something better though.
From DevCentral's wiki:
The LB_FAILED event is triggered when LTM is ready to send the request to a pool member and one hasn’t been chosen (the system failed to select a pool or a pool member), is unreachable (when no route to the target exists), has reached a queue limit, or is non-responsive (fails to respond to a connection request).
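when LB_FAILED {
    # Open a high-speed logging handle to the syslog pool over UDP
    set hsl [HSL::open -proto UDP -pool syslog-514_pool]
    # Report the client whose request could not be load balanced
    HSL::send $hsl "LB_Failed triggered for client: [IP::client_addr]\n"
}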
This rule would send a message to your syslog server, which you can then configure to alert you.
Kind regards, Patrik
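One way to do the alerting on the syslog side, as an added example that is not part of the original post: it parses the message text the iRule sends and flags a client once it reaches a threshold of LB_FAILED events inside a sliding window. The threshold, window length and sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict, deque

# Matches the message text sent by the iRule in the post.
LB_FAILED_RE = re.compile(r"LB_Failed triggered for client: (\S+)")

def parse_client(line):
    """Return the client address from an LB_FAILED message, or None."""
    m = LB_FAILED_RE.search(line)
    if not m:
        return None
    try:
        # BIG-IP can append a route-domain suffix (%N); strip it first.
        return str(ipaddress.ip_address(m.group(1).split("%")[0]))
    except ValueError:
        return None  # not a valid address: treat as noise

def find_alerts(events, threshold=3, window=60):
    """events: iterable of (epoch_seconds, raw_line) in time order.
    Returns (timestamp, client, count) once per burst, when a client
    reaches `threshold` failures within `window` seconds."""
    recent = defaultdict(deque)   # client -> timestamps inside the window
    alerted = set()               # clients currently in an alerted burst
    alerts = []
    for ts, line in events:
        client = parse_client(line)
        if client is None:
            continue
        q = recent[client]
        q.append(ts)
        while ts - q[0] >= window:    # drop events older than the window
            q.popleft()
        if len(q) >= threshold and client not in alerted:
            alerts.append((ts, client, len(q)))
            alerted.add(client)
        elif len(q) < threshold:
            alerted.discard(client)   # burst over, re-arm the alert
    return alerts

# Constructed sample input (documentation address ranges), not real logs.
SAMPLE = [
    (1000, "LB_Failed triggered for client: 192.0.2.10\n"),
    (1010, "LB_Failed triggered for client: 198.51.100.7\n"),
    (1020, "LB_Failed triggered for client: 192.0.2.10\n"),
    (1030, "unrelated syslog line\n"),
    (1040, "LB_Failed triggered for client: 192.0.2.10\n"),
    (1050, "LB_Failed triggered for client: 192.0.2.10\n"),
    (1200, "LB_Failed triggered for client: 192.0.2.10%1\n"),
]
```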