Forum Discussion
HSS header modification
I am trying to create an iRule wihci will affect the HSS header, the source IP will be be inserted in the new customer header (x-hss-auth) with a new on net/offnet flag. The iRule logic is the follwoing:
Begin
{
If source address = 172.16.4.0/24
Extract handset source from x-wsb-sourceip from WAP Gateway
Delete previous x-hss-auth entry;
insert src address into x-hss-auth;
set on net flag = 1 in x-hss-auth;
}
Else
{
Delete previous x-hss-auth;
If source address = [ address list]
then {
insert src address into x-hss-auth;
set on net flag = 1 in x-hss-auth;
}
else {
insert src address into x-hss-auth;
Set on net flag = 0 in x-hss-auth
}
}
End
So far, I am stuck at the extraction (I know it is the beginning. Any clue, advice, critic is more than welcome.
class hss_wap_network { {
network 172.16.4.0/24
} }
when CLIENT_ACCEPTED {
if { [matchclass [IP::client_addr] equals $::hss_wap_network] } {
HTTP::header replace XXXX [IP::client_addr]"
- Kevin_Davies_40
Nacreous
To assist you, would need the format of both the headers. - Stef_85923
Nimbostratus
Thanks for you answer, below is the iRule I have created but it is not complete as I still do not know how to extract: - Kevin_Davies_40
Nacreous
Hi, - Kevin_Davies_40
Nacreous
This code injects the X-HSS-Auth header to reflect the source of the traffic The header x-wsbsourceip should exist in the incoming request when coming from WAP networks X-HSS-Auth is x.x.x.x,0.0.0.y where x is the source address, y is 0 for internet or 1 for On-Net/WAP traffic when HTTP_REQUEST { remove headers we dont want HTTP::header remove {X-Net-Info} {X-Forwarded-For} inject header to show where we came from. if { [class match [IP::client_addr] equals WAP] } { set header "[HTTP:header {x-wsbsourceip}],0.0.0.1" } elseif { [class match [IP::client_addr] equals On-Net] } { set header "[IP::client_addr],0.0.0.1" } else { set header "[IP::client_addr],0.0.0.0" } HTTP::header insert {X-HSS-Auth} $header log "My IP address is [IP::client_addr]. My new header X-HSS-Auth: $header" }
- Stef_85923
Nimbostratus
Thanks a lot.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com