Forum Discussion
Michael_Omaljev
Nimbostratus
NimbostratusIRULE syntax
looking to modify an Irule. Basically we have a solution with an I rule that deals with a source ip that talks to a vip and the destination servers that are loadbalanced exist in the same subnet as the source. I am trying to modify this script if there is more then 1 source server (server A proxy). Not sure what the syntax would be.
so If I have an additional source server 192.168.1.23 how would I add it to this Irule? what is the syntax? What is the syntax if I want to use the entire 192.168.1.X subnet ?
thanks
MO
when CLIENT_ACCEPTED {
if {[IP::addr "[IP::client_addr]" equals "192.168.1.22"]} {
snat automap
}
}
2 Replies
- For more than one address, you are going to have to use multiple if/elseif's or the matchclass command with an address class (data group). You can then create a class list with the addresses you want to match on. Search the forums for matchclass and you should find plenty of examples.
For an entire subnet you can use the optional mask parameter to the IP::addr command to match to an entire subnet.
IP::addr [mask ]
Give this a shotwhen CLIENT_ACCEPTED { log "client addr: [IP::client_addr]" log "mask addr: [IP::addr [IP::client_addr] mask "255.255.255.0"]" if { [IP::addr [IP::client_addr] mask "255.255.255.0"] equals "192.168.1.0" } { log local0. "match!" } else { log local0. "Not a match!" } }
-Joe - Um, that's not quite right...
Try this:when CLIENT_ACCEPTED { if {[IP::addr "[IP::client_addr]/24" equals "192.168.1.0/24"]} { snat automap } }
