Forum Discussion
aj1
Nimbostratus
NimbostratusConditional SNAT using an iRule on a Wildcard Forwarding VS
Hello everyone,
I am new to iRules and have seen a lot of answers to the issue i am currently facing, but even after referring them and trying out all the possible combinations i just can't seem to...
nitass
Employee
Employeee.g.
configuration
[root@ve11a:Active:In Sync] config tmsh list ltm virtual fwd
ltm virtual fwd {
destination 0.0.0.0:0
mask any
profiles {
fastL4 { }
}
rules {
qux
}
source 0.0.0.0/0
translate-address disabled
translate-port disabled
vlans {
v423
}
vlans-enabled
vs-index 4
}
[root@ve11a:Active:In Sync] config tmsh list ltm rule qux
ltm rule qux {
when CLIENT_ACCEPTED {
if { [class match -- [IP::local_addr] equals onCampus_networks] } {
snat none
} else {
snatpool snat_pool
}
}
when SERVER_CONNECTED {
log local0. "Client [IP::client_addr]:[TCP::client_port] \
SNATed to [IP::local_addr]:[TCP::local_port] \
connecting to [IP::remote_addr]:[TCP::remote_port]"
}
}
[root@ve11a:Active:In Sync] config tmsh list ltm data-group internal onCampus_networks
ltm data-group internal onCampus_networks {
records {
192.168.206.0/23 { }
}
type ip
}
[root@ve11a:Active:In Sync] config tmsh list ltm snatpool snat_pool
ltm snatpool snat_pool {
members {
172.28.24.228
}
}
/var/log/ltm
[root@ve11a:Active:In Sync] config tail -f /var/log/ltm
Nov 24 08:41:28 ve11a info tmm[14890]: Rule /Common/qux : Client 200.200.200.111:42810 SNATed to 172.28.24.228:42810 connecting to 8.8.8.8:8
Nov 24 08:41:38 ve11a info tmm[14890]: Rule /Common/qux : Client 200.200.200.111:43066 SNATed to 200.200.200.111:43066 connecting to 192.168.207.56:8
