For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

pponte's avatar
pponte
Icon for Altostratus rankAltostratus
Jan 10, 2020

Insert client ip address on ldap VS

Hello team, I have a question I hope someone can answer. We have received a request to know if there is any chance to add client ip address on an ldap query. We have an ldap and ldaps virtual serv...
application delivery
client_ip_address
iRules
ldap
LTM
pponte's avatar
pponte
Icon for Altostratus rankAltostratus
Jan 20, 2020

Hello,

I created an iRule to log the traffic (on a lab environment) just for testing purposes.

when SERVER_CONNECTED {
 
   set client "[IP::client_addr]:[TCP::client_port]"
 
   set snat "[IP::local_addr]:[TCP::local_port]"
 
   set node "[IP::server_addr]:[TCP::server_port]"
 
   }
 
when CLIENT_CLOSED {
 
   log local0. "Client $client -> SNAT: $snat -> Node: $node"
 
   }

So, I could get a line whith required information.

Jan 20 16:54:33 LAB-ld1f5t info tmm6[32493]: Rule /Common/iRule_logging_traffic <CLIENT_CLOSED>: Client 10.71.70.67:34243 -> SNAT: 10.71.70.67:34243 -> Node: 10.71.72.154:389

Should I set HSL in order to keep cpu and resources low?

Thank you for your help.