Forum Discussion
irule read from TCP option
irule-1 works well
when LB_SELECTED {
set src_cli_addr [IP::client_addr]
snatpool SNAT_10.128.10.88
}
when SERVER_CONNECTED {
scan $src_cli_addr {%d.%d.%d.%d} e b c d
TCP::option set 28 [binary format cccc $e $b $c $d] all
set tcp_option_content [binary format cccc $e $b $c $d]
log local0. "insert tcp option is $tcp_option_content"
binary scan $tcp_option_content H* cli_addr_H
log local0. "source_ip is $cli_addr_H"
}
irule-2 can not read the date from tcp option 28
when CLIENT_ACCEPTED {
TCP::collect
}
when CLIENT_DATA {
set option_cli_addr [TCP::option get 28]
log local0. "option_cli_addr is: $option_cli_addr"
binary scan $option_cli_addr H* addr
scan $addr "%2x%2x%2x%2x" ip1 ip2 ip3 ip4
log local0. "$ip1-$ip2-$ip3-$ip4"
set src_cli_addr "$ip1.$ip2.$ip3.$ip4"
log local0. "cli-addr is $src_cli_addr"
snatpool SNAT_10.128.10.88
TCP::release
}
- Wangzixuan_3147Nimbostratus
I found an irule to insert the client address into TCP option , which can meet the requirements through the capture package. There is also an irule to verify that you can read the field in TCP option and print it to the log, but find that the irule will be misreported. Please help to see, where is the problem?
- Wangzixuan_3147Nimbostratus
THE ERROR LOG IS: May 20 23:14:49 bigip1 info tmm[10405]: Rule /Common/irule-tcp-optin28-yanzhen : option_cli_addr is: May 20 23:14:49 bigip1 err tmm[10405]: 01220001:3: TCL error: /Common/irule-tcp-optin28-yanzhen - can't read "ip1": no such variable while executing "log local0. "$ip1-$ip2-$ip3-$ip4"" May 20 23:14:49 bigip1 info tmm1[10405]: Rule /Common/irule-tcp-optin28-yanzhen : option_cli_addr is: May 20 23:14:49 bigip1 err tmm1[10405]: 01220001:3: TCL error: /Common/irule-tcp-optin28-yanzhen - can't read "ip1": no such variable while executing "log local0. "$ip1-$ip2-$ip3-$ip4"" May 20 23:15:34 bigip1 info tmm1[10405]: Rule /Common/irule-tcp-optin28-yanzhen : option_cli_addr is:
- Stanislas_Piro2Cumulonimbus
Did you create your own TCP profile with option 28 allowed?
create ltm profile tcp profile_name tcp-options-28 "{28 first}"
- Wangzixuan_3147Nimbostratus
yes,i have create TCP profile with option 28 allowed
- YoungLee_254832Nimbostratus
Hey,man,do you solve this issue
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com