iRule syntax

In a clientside context event like CLIENT_ACCEPTED (when the client establishes a connection to the virtual server), [IP::local_addr] returns the client's destination address. If you're not using a network virtual server, the command returns the virtual server's IP address.

 

 

Aaron

Thanks for the reply Aaron but my qstn remains unanswered.. I will put it more clearly..

 

 

lets say the above iRule is mapped to a wilcard virtual server as below,

 

 

virtual VS_1

 

destination any:any

 

mask none

 

vlans 2 enable

 

profile fastl4lx

 

rules X

 

 

Now, if servers from vlan 2 were to initiate outbound connection, in such pkts iRule would look for 10.10.10.x OR 20.10.20.x as the source or destination address to snat the packet with the respective snatpool address in the iRule?

 

 

 

If the client's destination IP address was 10.10.10.x, the iRule would apply a SNAT using snatpool pool1 on the serverside connection. If the client's destination IP address was 20.10.20.x, the iRule would apply a SNAT using snatpool pool2 on the serverside connection. So IP::local_addr in CLIENT_ACCEPTED refers to the client's destination (TMM's local address for the clientside context).

 

 

Aaron

Thanks now it clears....but one more...say iRule is modified as below..

 

 

iRule X

 

 

when CLIENT ACCEPTED {

 

if {[IP::addr [ IP::local_addr] equals 10.10.10.22 ] } { ----> is a VIP

 

snatpool pool1

 

} elseif {[IP::addr [IP::local_addr] equals 10.10.10.x ] } {

 

snatpool pool2

 

} else {

 

snat none

 

pool poolA

 

}

 

 

Vlan 2 - 10.10.10.x/24..and same wildcard VS as above..

 

 

virtual VS_1

 

destination any:any

 

mask none

 

vlans 2 enable

 

profile fastl4lx

 

rules X

 

 

Now, say hosts in VLAN 2 with gwy as F5 float IP in VLAN 2 try accessing outbound..how the modified iRule would process the source pkts from hosts in VLAN2?

 

Thanks now it clears....but one more...say iRule is modified as below..

 

 

iRule X

 

 

when CLIENT ACCEPTED {

 

if {[IP::addr [ IP::local_addr] equals 10.10.10.22 ] } { ----> is a VIP

 

snatpool pool1

 

} elseif {[IP::addr [IP::local_addr] equals 10.10.10.x ] } {

 

snatpool pool2

 

} else {

 

snat none

 

pool poolA

 

}

 

 

Vlan 2 - 10.10.10.x/24..and same wildcard VS as above..

 

 

virtual VS_1

 

destination any:any

 

mask none

 

vlans 2 enable

 

profile fastl4lx

 

rules X

 

 

Now, say hosts in VLAN 2 with gwy as F5 float IP in VLAN 2 try accessing outbound..how the modified iRule would process the source pkts from hosts in VLAN2?

 

Regardless of how the virtual server is defined, calling [IP::local_addr] in a clientside context event like CLIENT_ACCEPTED will return the client's destination IP address. See this post for more info:

 

 

https://devcentral.f5.com/Community/GroupDetails/tabid/1082223/asg/50/aft/10187/showtab/groupforums/Default.aspx10235

 

 

Aaron