We have a site that is hosted through our F5 and it has a page which returns the users IP address so the source ip of the user accessing the site but the IP that is being returned is the floating IP of the Big IP. Is there specific setting in the virtual server set up or does something need to specified in an i-rule for it to route back to the source IP and not the floating IP? any help much appreciated! Thanks Pav

Hello Pav, What you are seeing is the result of the BIG-IP being a proxy. Are you using SNAT Automap? You might look into something called X-Fowarded-For: http://devcentral.f5.com/weblogs/macvittie/archive/2008/06/02/3323.aspx

Yep I have SNAT set to automap. The sites are hosted on IIS 6

http://devcentral.f5.com/weblogs/Joe/archive/2009/08/19/x_forwarded_for_log_filter_for_windows_servers.aspx You might check that link out. :)

Thanks mate I downloaded that filter and set it up in IIS but no joy im still getting the floating IP returned. Have you used it before and is there anything else I need to configure? Thanks Pav

Hello Pav, You would also need to configure an HTTP profile with the X-Forwarded-For setting switched on. Then look in your IIS logs and you should see the clients IP's. Then see if that works for your application.

I-rule to re-direct page back to source IP address?!

The_Bhattman
Nimbostratus
May 03, 2011
As Hoolio mentioned this was to see if the application might have been looking at other HTTP headers where it could be pulling the information. However, it is looking more and more like the application is indeed looking at the packet information.

Bhattman
Pav_70755
Nimbostratus
May 03, 2011
Have added the : and still no joy im afraid
The_Bhattman
Nimbostratus
May 03, 2011
Hi Pav,

Is there any specific reason why you are using AUTOSNAT? Was it to solve a particular problem?

thanks,

Bhattman
Pav_70755
Nimbostratus
May 03, 2011
I think I originally set that by default and after removing the SNAT Poole to automap it worked :-)

thanks for your help Battman
Pav_70755
Nimbostratus
May 04, 2011
my second question is can the X-Forwarded for be used to return the external IP address for the site?

Thanks

Pav
Michael_Yates
Nimbostratus
May 04, 2011
I don't believe that it can.

When enabled, the system inserts an XForwarded For header in an HTTP request with the Client IP Address.
Colin_Walker_12
Historic F5 Account
May 04, 2011
Well, technically, with an iRule couldn't you write whatever you want into a header named...whatever you want? (X-forwarded-for included)

I'm not saying the other systems would know what the heck to do with it, but I would think you could get there:

when HTTP_REQUEST { HTTP::header insert X-Forwarded-For [IP::local_addr] }

You might need to use header replace instead if it's already getting put in somewhere else along the line.

Colin
Michael_Yates
Nimbostratus
May 04, 2011
I agree with Colin, you might be able to do something like that, but even using the [IP::local_addr], just returns the IP Address of the Virtual Server that the iRule is running on and the other systems might not know what to do with it.

That seems kind of risky to me. :-)
Colin_Walker_12
Historic F5 Account
May 04, 2011
^ Yep, what he said. You CAN do pretty much anything you want in iRules. Just make sure you really want to do it first. ;)

Colin

Forum Discussion

I-rule to re-direct page back to source IP address?!

Recent Discussions

iRule LX replacement on bigip-Next

R2600 device and tenant/partition configuration

About Vulnerability Countermeasures

Creating virtual server of type performance_fastl4 using rest call

Best Solution For Unencrypted Cookies

Related Content

i-rule header insert - APM

I-rule for adapt request "response page"

CSV to Address External Datagroup File

Decoding the IPv4 address from the persistence cookie

How do I know the rule name of the blocked rule ID in AWS F5 WAF?