Forum Discussion
Marc_57541
Nimbostratus
Nimbostratusirule matchclass not working for networks
I am having a problem with matchclass identifying that a host is in a address class containing networks.
It works it the class just contains hosts addresses
classes defined
class cl_net_London {
network 10.64.0.1/18
}
class cl_dctm_dev_net_Marc {
host 10.64.38.97
}
Irule extract
when CLIENT_ACCEPTED {
if { [matchclass [IP::client_addr] equals $::cl_net_London] }{
log local0. "client [IP::client_addr] with class: $::cl_net_London"
snat 10.64.27.75
} else {
log local0. "client [IP::client_addr] no matches"
snat 10.64.27.85
}
}
Extract from log
Rule ir_dctm_sta_web_network : client 10.64.38.97 no matches
Matchclass works when matching a host address not a network
if { [matchclass [IP::client_addr] equals $::cl_dctm_dev_net_Marc] }
Any ideas everything I have read says matchclass should be able to check if an ip-address matches a group of networks.
3 Replies
- The_BhattmanHave you looked at the following:
http://devcentral.f5.com/wiki/default.aspx/iRules/IP__addr.html
CB 
Marc_57541Thanks I had not seen this.
Tried IP:Addr with no joy
got this error
Sep 21 22:21:45 tmm tmm[2022]: 01220001:3: TCL error: ir_dctm_sta_web_network - bad IP address format while executing "IP::addr [IP::client_addr] equals $::cl_net_London"
class cl_net_London {
network 10.64.0.1/18
}
have now modified the network to be 10.64.0.0/18 which seems to work.
Will do further testing tomorrow:D- The_Bhattman
