Forum Discussion

noahshelton_237's avatar
noahshelton_237
Icon for Nimbostratus rankNimbostratus
Aug 25, 2016

Combine IF and SWITCH to apply SNAT based on destination IP and/or TCP port

I use an irule applied to a L4 performance forwarding virtual server to serve as a sort of selective NAT based on a couple different criteria (in most cases just the TCP port for which I use a switch...
application delivery
iRules
LTM
  • ekaleido_26616's avatar
    ekaleido_26616
    Aug 26, 2016
    when CLIENT_ACCEPTED {
  if { [IP::addr [IP::local_addr] equals 10.10.10.10/32] } {
    switch [TCP::local_port] {
      "104" -
      "4000" -
      "7400" -
      "12000" { snat 10.10.70.70 }
      default { snat 10.10.70.15 }
    }
  }
}

    At this point, though, you're getting close to wanting to use a datagroup instead of switch.

ekaleido_26616's avatar
ekaleido_26616
Icon for Cirrocumulus rankCirrocumulus
when CLIENT_ACCEPTED {
  if { [IP::addr [IP::local_addr] equals 10.10.10.10/32] } {
    switch [TCP::local_port] {
      "104" -
      "4000" -
      "7400" -
      "12000" { snat 10.10.70.70 }
      default { snat 10.10.70.15 }
    }
  }
}

At this point, though, you're getting close to wanting to use a datagroup instead of switch.

noahshelton_237's avatar
noahshelton_237
Icon for Nimbostratus rankNimbostratus
Aug 26, 2016

Yes just setup a data group to match ip:tcp port with a snat.... I'm waiting on a window to test with so I'll report back what I finally get working.