Forum Discussion
Capturing Client IP at application Server
Hi! I've seen this done before with TCP::options
https://clouddocs.f5.com/api/irules/TCP__option.html
Accessing TCP Options from iRules | DevCentral
Another solution could be modifying network design so that F5 is the default gateway for your servers, or modifying routing on your application servers so that client network is reached through F5, but I can understand this might be tricker if everyting's deployed already.
Thanks for response.
I tried below options in iRule.
Option 28
when CLIENT_ACCEPTED { set opt28 [TCP::option get 28] binary scan $opt28 c ver #log local0. "version: $ver" if { $ver == 34 } { set optaddr [IP::addr parse -ipv6 $opt28 1] log local0. "opt28 ipv6 address: $optaddr" } elseif { $ver == 1 || $ver == 2 } { set optaddr [IP::addr parse -ipv4 $opt28 1] log local0. "opt28 ipv4 address: $optaddr" } }
Option 253
when CLIENT_ACCEPTED { set opt253 [TCP::option get 253] binary scan $opt253 c ver #log local0. "version: $ver" if { $ver == 34 } { set optaddr [IP::addr parse -ipv6 $opt253 1] log local0. "opt253 ipv6 address: $optaddr" } elseif { $ver == 1 || $ver == 2 } { set optaddr [IP::addr parse -ipv4 $opt253 1] log local0. "opt253 ipv4 address: $optaddr" } }
iRule thew validation failure and request did not reach to application. Is there any working sample? or any logs to see what failed here.
Really appreciate your help on hit, thanks a lot.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com