How to Preserve Source IP in non HTTP/HTTPS TCP Virtual Server

Question

Our Customer has the demand that they want the Source IP address of Client who want to access one of their Application which is non HTTP/HTTPs , mean while i have follow different threads of Devcentral and prepare the below irule.

But still i am unable to preserve Client IP as Customer server didn't receive Source IP in the request from F5.

when CLIENT_ACCEPTED {

set opt28 [TCP::option get 28]

if { [string length $opt28] == 5 } {

binary scan $opt c ver

if { $ver != 1 } {

log local0. "Unsupported Akamai version: $ver"

} else {

set optaddr [IP::addr parse $opt28 1]

}

when SERVER_CONNECTED {

scan [IP::client_addr] {%d.%d.%d.%d} a b c d

TCP::option set 29 [binary format cccc $a $b $c $d] all

}

yoann_le_corvi1 · Answer

Hi&nbsp;Haven't tried in live on a lab, and not yet 100% sure it's possible. But give it a try with snat command &nbsp;https://clouddocs.f5.com/api/irules/snat.html&nbsp;Instead of manipulating the tcp payload directly.&nbsp;Yoann

Forum Discussion

How to Preserve Source IP in non HTTP/HTTPS TCP Virtual Server

1 Reply

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

R4800 snmp issues.

F5 XC JWKS auto update

PCI Compliance and ASM

irule for redirect and header injection

What happens if I activate only ASM without provisioning LTM?

Related Content

Handling HTTP Requests on an HTTPS Virtual Server

HTTP POST redirect preserving POST data

Application Study Tool: Make Grafana Listen on HTTPS

HTTP Multipart and Security Implications

HTTP and HTTPS on a single virtual server

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS