Forum Discussion
monica_74227
Nimbostratus
NimbostratusHelp-inteligent sant iRule
Hey guys,
I write an iRule as the following:
when CLIENT_ACCEPTED {
if {[IP::addr [IP::local_addr] equals 10.96.44.4] and [serverside [UDP::remote_port] equals 53]}{
snat 211.138.30.66
}
elseif {[IP::addr [IP::local_addr] equals 10.96.44.5] and [serverside [UDP::remote_port] equals 53]}{
snat 211.138.30.66
}
elseif {[IP::addr [IP::local_addr] equals 10.96.44.4] and [serverside [UDP::remote_port] ne 53]}{
snat 211.138.30.67
}
elseif {[IP::addr [IP::local_addr] equals 10.96.44.5] and [serverside [UDP::remote_port] ne 53]}{
snat 211.138.30.68
}
}
well, I don't know if the above iRule is right, however when I write it in to the BIG-IP LTM(v9) that generate error message.
Thank you for your help!
hoolioCirrostratus
Hi,
There are a few syntax errors. The format for the serverside command is:
serverside {command}, not serverside [command]when CLIENT_ACCEPTED { if {([IP::addr [IP::local_addr] equals 10.96.44.4] or [IP::addr [IP::local_addr] equals 10.96.44.5]) and [serverside {UDP::remote_port}] == 53}{ snat 211.138.30.66 } elseif {[IP::addr [IP::local_addr] equals 10.96.44.4] and !([serverside {UDP::remote_port}] == 53)}{ snat 211.138.30.67 } elseif {[IP::addr [IP::local_addr] equals 10.96.44.5] and !([serverside {UDP::remote_port}] == 53)}{ snat 211.138.30.68 } }
I'm not sure with UDP if the server side "connection" has been established in the CLIENT_ACCEPTED event. If you get a runtime error about no serverside connection, can you reply?
Thanks,
Aaron- hoolioActually, it would be cleaner to check UDP::local_port versus trying to use serverside {UDP::remote_port} to see which port the UDP packet was sent to by the client. This assumes you're not using port translation on the VIP.
Aaron 
monica_74227Thank you very much, I have successfully load your iRule.
Yes, the iRule is applied to the VS:0.0.0.0:any, and disabled the IP translation and port translation. But I am also not sure if this iRule come true that I hope