
Forum Discussion

Jason_G__141424
Nimbostratus
Oct 28, 2014

iRule to deal with multiple x-forwarded-for addresses in same request

I am currently having an issue with an iRule that I have written/borrowed. Below is a portion of the iRule that tracks the client's IP address.

    when CLIENT_ACCEPTED {
        # Collect the remote IP address.
        set srcip [IP::remote_addr]

        # Per-virtual-server or shared table names (static::unique_tables_per_virtual
        # and static::blockpage are set elsewhere in the rule, e.g. in RULE_INIT).
        if { $static::unique_tables_per_virtual } {
            set blacklist_IP "blacklist_IP_[virtual]"
            set countlist_IP "[IP::remote_addr]_[virtual]"
        } else {
            set blacklist_IP "blacklistIP"
            set countlist_IP "[IP::remote_addr]"
        }
    }

    when HTTP_REQUEST {
        # If the source IP is already in the blacklist table,
        # respond with the block page.
        if { [table lookup -subtable $blacklist_IP $srcip] != "" } {
            HTTP::respond 200 content $static::blockpage
            return
        }
        # ... rest of the rule not shown in the post
    }

After some new application changes, instead of having a single x-forwarded-for address within the request there are two, as shown below.

(cut from client request)

    x-forwarded-for: 8.8.8.8
    Cookie: cookie-value 
    X-Forwarded-For: 10.10.10.10

My question is: what would be the best way to collect the first x-forwarded-for address as the client's source address? The second address is an application server that sits behind an F5 and proxies the request through a second F5 and then to the web server.

3 Replies

  • R_Eastman_13667
    Historic F5 Account

    Notice that the case matters. Your first IP address x-forwarded-for header name is all lowercase.

    if {[HTTP::header value "x-forwarded-for"] ne ""} {
        set sourceIP [HTTP::header value "x-forwarded-for"]
    }
    
    • Jason_G__141424
      Nimbostratus
      I noticed the case but wanted to make sure the rule wasn't impacted if the case was to change in the future.
  • R_Eastman_13667
    Historic F5 Account

    You can always use a foreach statement:

    set clientIP [list]
    foreach headerName [HTTP::header names] {
        if {[string tolower $headerName] eq "x-forwarded-for"} {
            # lappend keeps each value as its own list element; append would
            # run "8.8.8.8" and "10.10.10.10" together into one string.
            lappend clientIP [HTTP::header value $headerName]
        }
    }
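The following iRule is an added example by the editor, not code from the thread above, and it addresses both the original question (collecting the first x-forwarded-for value when several headers are present) and the foreach approach in the last reply. It assumes this rule runs on the F5 nearest the web server, that the hop which connects to it is a proxy under your control, and that 10.10.10.0/24 is the range of your own internal proxies (the range, the subtable name "blacklistIP" and static::blockpage are taken over from the poster's code and are assumptions, not anything the thread confirms). It also shows why keying a blacklist on the first address is risky: anything to the left of the values your own proxies append was supplied by an untrusted party, so a client that sends its own X-Forwarded-For header can choose which address gets checked or blocked if the first proxy appends rather than replaces it.

```tcl
# Added example (editor's; not from the thread). Assumed topology: this
# BIG-IP is the last hop before the web server, the peer connecting to it
# is one of our proxies, and 10.10.10.0/24 is our internal proxy range.
when RULE_INIT {
    # Hops we control. Anything a trusted hop appends to X-Forwarded-For
    # is trustworthy; anything to the left of it was supplied by someone else.
    set static::trusted_proxies [list 10.10.10.0/24]
}

when HTTP_REQUEST {
    # Collect every X-Forwarded-For instance. HTTP header names are
    # case-insensitive and HTTP::header values matches them that way, so
    # "x-forwarded-for" and "X-Forwarded-For" are both returned. Each
    # instance may itself be a comma-separated list, so split and trim.
    set xff_addrs [list]
    foreach hdr [HTTP::header values "X-Forwarded-For"] {
        foreach addr [split $hdr ","] {
            set addr [string trim $addr]
            if { $addr ne "" } {
                lappend xff_addrs $addr
            }
        }
    }

    # The literal answer to the question: the first address in header order.
    # This is the value an end client can influence, so log it but do not
    # make access decisions on it.
    set first_xff [lindex $xff_addrs 0]

    # The address a blacklist should key on. Honor X-Forwarded-For only if
    # the peer that connected to us is one of our proxies; then walk the
    # chain from the right (nearest hop first) and stop at the first address
    # that is not a proxy we control. A client can prepend any values it
    # likes, but it cannot control what our own proxies append afterwards.
    set client_ip [IP::remote_addr]
    set peer_trusted 0
    foreach net $static::trusted_proxies {
        if { [IP::addr $client_ip equals $net] } {
            set peer_trusted 1
            break
        }
    }
    if { $peer_trusted } {
        for { set i [expr {[llength $xff_addrs] - 1}] } { $i >= 0 } { incr i -1 } {
            set candidate [lindex $xff_addrs $i]
            set parse_ok 1
            set trusted 0
            foreach net $static::trusted_proxies {
                # IP::addr raises a Tcl error on a malformed value, which would
                # otherwise abort the rule; catch it and stop the walk instead.
                if { [catch { IP::addr $candidate equals $net } match] } {
                    set parse_ok 0
                    break
                }
                if { $match } {
                    set trusted 1
                    break
                }
            }
            if { !$parse_ok } {
                # Keep the last good address (a hop we control) and record it.
                log local0. "Unparseable X-Forwarded-For value '$candidate' from [IP::remote_addr]"
                break
            }
            set client_ip $candidate
            if { !$trusted } {
                break
            }
        }
    }

    # Key the blacklist on the derived client address, using the poster's
    # table layout (subtable "blacklistIP", static::blockpage set in RULE_INIT).
    if { [table lookup -subtable "blacklistIP" $client_ip] ne "" } {
        HTTP::respond 200 content $static::blockpage
        return
    }
    log local0. "XFF first=$first_xff client=$client_ip chain=[join $xff_addrs ,]"
}
```

With the two headers from the question (8.8.8.8 first, 10.10.10.10 second) and 10.10.10.0/24 trusted, the right-to-left walk skips 10.10.10.10 and yields 8.8.8.8, the same value as first_xff. The two diverge as soon as a client sends its own header: for a chain of 1.2.3.4, 8.8.8.8, 10.10.10.10 the walk still yields 8.8.8.8, while first_xff is the client-chosen 1.2.3.4, which is exactly the value an attacker would use to dodge a blacklist or to get someone else's address blocked.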