jzitnik
Aug 15, 2024Nimbostratus
Header injection rule
Hello everyone.
I need to make a rule that injects a header value based on the presence of specific client side IP addresses 192.168.0.1, 192.168.0.2, 192.168.0.3 Etc..
What I think it would be is something like:
when HTTP_REQUEST {
if { [HTTP::host] eq "hostname" }{
pool POOL_NAME
}
and then an if statement with the allowed IPs
Don't know if I need the X-Forwarded-For value here?
and then HTTP::header insert "valuename" "allow"
We have a proxy on the back end that will read the value and allow access to the backend server based on the presence of the "allow" value in the header injection.
Sorry, My F5 skills are basic at best.
I believe the following should work for you and you shouldn't need X-Forwarded-For.
when HTTP_REQUEST priority 500 { if { [class match -- [IP::client_addr] equals "datagroup_name" ] } { HTTP::header insert proxy_action "trusted" } if { [HTTP::host] eq "myhost.mydomain.com" } { pool MYPOOL } }