Forum Discussion
CirrocumulusHow can I use an irule to send the client's source IP over HSL without sending everything else?
Hi;
My question is related to the i-rule below. How can I define a HSL publisher with a filter and avoid sending all types of messages associated with that filter so that only a message showing the client source IP and source port is sent to the syslog server? I just don't want to log anything else relating to all other services and message ids.
Kindly
Wasfi
when CLIENT_ACCEPTED {
set hsl [HSL::open -publisher $static::general_remote_syslog_publisher]
HSL::send $hsl "Client connect from [IP::client_addr]:[TCP::client_port]"
}
Not too sure quite what you want but you can use the HSL command to create the HSL connection directly instead of going through a publisher: https://clouddocs.f5.com/api/irules/HSL__open.html
when CLIENT_ACCEPTED { set hsl [HSL::open -proto UDP -pool <HSL pool>] HSL::send $hsl "Client connect from [IP::client_addr]:[TCP::client_port]" }
PeteWhiteEmployee
Not too sure quite what you want but you can use the HSL command to create the HSL connection directly instead of going through a publisher: https://clouddocs.f5.com/api/irules/HSL__open.html
when CLIENT_ACCEPTED { set hsl [HSL::open -proto UDP -pool <HSL pool>] HSL::send $hsl "Client connect from [IP::client_addr]:[TCP::client_port]" }- boneyard
MVP
did the answer by Pete work for you Wasfi Bounni? if so please flag question as answered.
Wasfi_BounniThank you Sir.
Latchezar_DimovNimbostratus
Hello Pete,
Do I need to add more rows (like below) in order to collect the client IP or your rule do it? Our goal is to send the client IP over HSL for ldap service with SNAT.
example:
when SERVER_CONNECTED {
set client "[IP::client_addr]:[TCP::client_port]"
set snat "[IP::local_addr]:[TCP::local_port]"
set node "[IP::server_addr]:[TCP::server_port]"
}
