Andrew_7467
Sep 08, 2011Nimbostratus
Insert something into header to distiguish public and private IP Addresses
All, I am working with our developers and need some assistance. What they would like to do is insert a custom header based on the client address. If it is RFC1918 addresses (172.18.0.0, 192.168.0.0, 10.0.0.0 addresses) they don't have to validate the user. Any other address is seen as an external user and we would like to have a custom header inserted. If they find this header on any packet, we assume the request is an external user attempting to access an internal resource, so we do validation against that user.
I tried this but I don't think this is what I am looking for, as far as a custom header and it is not passing validation within iRule editor.
when CLIENT_ACCEPTED {
if {[IP::addr[IP::remote_addr] equals 172.18.0.0 255.0.0.0] or [IP::addr[IP::remote_addr] equals 10.0.0.0 255.0.0.0]}{
HTTP::header insert ["internal_user"]
}else {
HTTP::header insert ["external_user"]
}
}
when CLIENT_ACCEPTED {
if {[IP::addr[IP::remote_addr] equals 172.18.0.0 255.0.0.0] or [IP::addr[IP::remote_addr] equals 10.0.0.0 255.0.0.0]}{
HTTP::header insert ["internal_user"]
}else {
HTTP::header insert ["external_user"]
}
}
Any ideas? Hopefully someone has seen this before.
Thanks...
Andy