Forum Discussion
MDPF5_152674
Altostratus
AltostratusiRule for Snat
Hi Community, i want to implement that iRule for Snat but i don't know why the f5 Big IP doesn't accept the following iRule :
Can you help me? Thanks M.
when CLIENT_ACCEPTED {
class SNAT1{
network 172.x.x.0 mask 255.255.255.0
}
class SNAT2 {
network 192.168.0.0 mask 255.255.255.0
network 192.168.1.0 mask 255.255.255.0
network x.x.x.x 255.255.255.0
}
Check if the client IP address is a member of the address data group named Hosts
if { [class match[IP::client_addr] equals SNAT1]} {
{
scan [IP::client_addr] "%*d.%*d.%d.%d" a b c d
snat 2.168.$c.$d
}
else {[class match[IP::client_addr] equals SNAT2]}
{
scan [IP::client_addr] "%*d.%*d.%d.%d" a b c d
snat 3.168.$c.$d
}
}
Exit this event to avoid disabling SNAT below
return
Default action is to not SNAT
snat none
}
3 Replies
MDPF5_152674network x.x.x.x stands for multiple networks....
- MDPF5_152674the version of bigip is 10.1.0 and the tmos give me the output error 01070151:3: Rule [Snat] error: line 2: [unknown option: "SNAT1{"]
- Kevin_Stewart
Employee
Ah, there's an issue in one version, not sure which, that requires a value in the data group entries. You can put anything you want, as they'll be ignored.
