Forum Discussion
Help! Header Insert Not Working~
I tried as many ways as I can think of to get the remote IP address of the requesting client inserted into the header and cannot seem to get it working. I wiresharked it and I can get it listed in the cookie but not as a field in the header. What am I doing wrong???? Below I created an iRule using many methods to see which one worked; can someone look and give your thoughts? NOTE: this rule has multiple methods, I was trying everything.
    when CLIENT_ACCEPTED {
        set client_src_ip_v0 [ IP::remote_addr ]
    }
    when HTTP_REQUEST {
        HTTP::header insert CLT_SRC_IP_v0 $client_src_ip_v0
        HTTP::header insert CLT_SRC_IP_v1 [IP::remote_addr]
        HTTP::header insert lws CLT_SRC_IP_v2 [IP::remote_addr]
        HTTP::header insert X-Forwarded-For [IP::remote_addr]
        HTTP::header insert_modssl_fields addr addr addr
        log local0. "X-Forward IP: [HTTP::header values "X-Forwarded-For"]"
        log local0. "Client IP: [IP::remote_addr]"
    }
Thanks
8 Replies
- Kevin_Stewart
Employee
All of those methods should work. Where are you looking for the header? It should be arriving at the server. You won't see it on the client side.
- Sean_Phillips_1
Nimbostratus
I wiresharked at the server
- Kevin_Stewart
Employee
Can you insert any other arbitrary header in the HTTP_REQUEST and see it at the server?
Try 'HTTP::header replace'.
- What_Lies_Bene1
Cirrostratus
I'd suggest you remove the white space from this line: set client_src_ip_v0 [ IP::remote_addr ] so it's: set client_src_ip_v0 [IP::remote_addr]
Then add a log message in that event as follows: log local0. "$client_src_ip_v0" to ensure that's working.
Also, why are you using [IP::remote_addr] later in the rule when you've set a variable for it earlier?
If that's all OK, try commenting out all but the first header insert and doing your capture again, and then adding them back one by one. Plus what Kevin said! =]
- Sean_Phillips_1
Nimbostratus
By the way this VIP is using SNAT to the backend server.
- Kevin_Stewart
Employee
SNAT (layer 3) has no effect on HTTP headers (layer 7).
- JCohenRet.
Employee
All of those above choices should have worked. Alternatively, there should be an option in the HTTP profile called "Insert X-Forwarded-For". Just setting that to enabled should do what you are looking for.
But if your above iRule isn't inserting headers at all, there may be other configuration issues going on. Have you opened a case with support?
- nitass
Employee
have you tried tcpdump on bigip?
e.g.

    [root@ve10:Active] config b virtual bar list
    virtual bar {
       snat automap
       pool foo
       destination 172.28.19.252:80
       ip protocol 6
       rules myrule
       profiles {
          http {}
          tcp {}
       }
    }
    [root@ve10:Active] config b pool foo list
    pool foo {
       members 200.200.200.101:80 {}
    }
    [root@ve10:Active] config b rule myrule list
    rule myrule {
       when CLIENT_ACCEPTED {
          set client_src_ip_v0 [ IP::remote_addr ]
       }
       when HTTP_REQUEST {
          HTTP::header insert CLT_SRC_IP_v0 $client_src_ip_v0
          HTTP::header insert CLT_SRC_IP_v1 [IP::remote_addr]
          HTTP::header insert lws CLT_SRC_IP_v2 [IP::remote_addr]
          HTTP::header insert X-Forwarded-For [IP::remote_addr]
          HTTP::header insert_modssl_fields addr addr addr
          log local0. "X-Forward IP: [HTTP::header values "X-Forwarded-For"]"
          log local0. "Client IP: [IP::remote_addr]"
       }
    }

tcpdump

    [root@ve10:Active] config ssldump -Aed -nni 0.0 port 80
    New TCP connection 1: 172.28.19.251(48890) <-> 172.28.19.252(80)
    1360482736.7723 (0.0011) C>S
    ---------------------------------------------------------------
    GET /something HTTP/1.1
    User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
    Host: 172.28.19.252
    Accept: */*

    ---------------------------------------------------------------
    New TCP connection 2: 200.200.200.10(48890) <-> 200.200.200.101(80)
    1360482736.7743 (0.0010) C>S
    ---------------------------------------------------------------
    GET /something HTTP/1.1
    User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
    Host: 172.28.19.252
    Accept: */*
    CLT_SRC_IP_v0: 172.28.19.251
    CLT_SRC_IP_v1: 172.28.19.251
    CLT_SRC_IP_v2: 172.28.19.251
    X-Forwarded-For: 172.28.19.251
    ClientIPAddress: 172.28.19.251

    ---------------------------------------------------------------

/var/log/ltm

    [root@ve10:Active] config tail -f /var/log/ltm
    Feb 10 15:51:51 local/tmm notice tmm[4884]: 013e0001:5: Tcpdump starting bcast on :::0 from 127.1.1.1:42237
    Feb 10 15:52:16 local/tmm info tmm[4884]: Rule myrule : X-Forward IP: 172.28.19.251
    Feb 10 15:52:16 local/tmm info tmm[4884]: Rule myrule : Client IP: 172.28.19.251
    Feb 10 15:52:19 local/tmm notice tmm[4884]: 013e0002:5: Tcpdump stopping on 127.1.1.2:34967 from 127.1.1.1:42237
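
An added example, not part of the thread and not F5 code: how a backend behind the SNATed virtual server might consume the inserted header, trusting X-Forwarded-For only when the TCP peer is the BIG-IP and taking only the last value, because 'HTTP::header insert' adds a header without removing one the client already sent. Assumptions: the SNAT address 200.200.200.10 from the capture above is the only trusted proxy, the BIG-IP's header comes after any client-supplied one (as the inserted headers do in the capture), and the function names and sample requests are constructed for illustration.

```python
import ipaddress

# Assumption: the address the BIG-IP SNATs from, as seen in the capture above.
TRUSTED_PROXIES = {ipaddress.ip_address("200.200.200.10")}

def header_values(raw_request, name):
    """Return every value of header `name` in wire order, comma lists split."""
    head = raw_request.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    values = []
    for line in head.split("\r\n")[1:]:  # skip the request line
        field, sep, value = line.partition(":")
        if sep and field.strip().lower() == name.lower():
            values += [v.strip() for v in value.split(",") if v.strip()]
    return values

def client_ip(raw_request, peer):
    """Pick the client address a backend behind the SNATed VIP should log."""
    peer_addr = ipaddress.ip_address(peer)
    if peer_addr not in TRUSTED_PROXIES:
        return str(peer_addr)  # did not come through the BIG-IP: ignore the header
    values = header_values(raw_request, "X-Forwarded-For")
    if not values:
        return str(peer_addr)  # header never arrived, the symptom in the question
    try:
        # Only the last value was written by the BIG-IP; earlier ones are client input.
        return str(ipaddress.ip_address(values[-1]))
    except ValueError:
        return str(peer_addr)  # malformed value: fall back to the TCP peer

# Constructed sample requests, modelled on the server-side capture above.
VIA_BIGIP = (b"GET /something HTTP/1.1\r\nHost: 172.28.19.252\r\nAccept: */*\r\n"
             b"X-Forwarded-For: 172.28.19.251\r\n\r\n")
CLIENT_SUPPLIED = (b"GET /something HTTP/1.1\r\nHost: 172.28.19.252\r\n"
                   b"X-Forwarded-For: 10.9.9.9\r\n"          # sent by the client
                   b"X-Forwarded-For: 172.28.19.251\r\n\r\n")  # added by the iRule
NO_HEADER = b"GET /something HTTP/1.1\r\nHost: 172.28.19.252\r\n\r\n"

if __name__ == "__main__":
    for label, req, peer in [("via BIG-IP", VIA_BIGIP, "200.200.200.10"),
                             ("client-supplied XFF", CLIENT_SUPPLIED, "200.200.200.10"),
                             ("direct connection", CLIENT_SUPPLIED, "192.0.2.7"),
                             ("header missing", NO_HEADER, "200.200.200.10")]:
        print(f"{label:22} -> {client_ip(req, peer)}")
```

If the iRule removes or replaces an incoming X-Forwarded-For before inserting its own, the server only ever sees one value and the last-value rule still holds.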