Forum Discussion
Header injection rule
- Aug 16, 2024
I believe the following should work for you and you shouldn't need X-Forwarded-For.
when HTTP_REQUEST priority 500 { if { [class match -- [IP::client_addr] equals "datagroup_name" ] } { HTTP::header insert proxy_action "trusted" } if { [HTTP::host] eq "myhost.mydomain.com" } { pool MYPOOL } }
I see that article. I see how to insert a custom header. I don't see how to insert a custom header based on the client request of a specific address.
If host = mypubliccnametoaddress.mydomain.com
if address is member of address group
insert value
We're already getting the X-Forward-For address, what we need to do is look at that address, and if the X-Forward-For address matches the four addresses we want to allow, and the traffic is bound for a specific pool, insert a value. If not, do nothing. Once the traffic passes through the F5, our proxy looks for the inserted value and allows or denies based on the request.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com