Forum Discussion

Ahmed_Galal's avatar
Ahmed_Galal
Icon for Cirrostratus rankCirrostratus
Oct 09, 2019

Irule to insert source IP in UDP payload

Hi All,   can anyone please provide me with iRule that insert Source IP address in UDP payload?
application delivery
iRules
LTM
  • PeteWhite's avatar
    PeteWhite
    Oct 09, 2019
    when CLIENT_ACCEPTED {
  set payloadLength [UDP::payload length]
  set address [IP::client_addr]
  set addressLength [ string length $address ]
  UDP::payload replace $payloadLength $addressLength $address
}

    You can also use the CLIENT_DATA and SERVER_DATA events and take a look at https://clouddocs.f5.com/api/irules/UDP__payload.html

PeteWhite's avatar
PeteWhite
Icon for Employee rankEmployee
Oct 09, 2019
when CLIENT_ACCEPTED {
  set payloadLength [UDP::payload length]
  set address [IP::client_addr]
  set addressLength [ string length $address ]
  UDP::payload replace $payloadLength $addressLength $address
}

You can also use the CLIENT_DATA and SERVER_DATA events and take a look at https://clouddocs.f5.com/api/irules/UDP__payload.html

  • AndresSolano's avatar
    AndresSolano
    Icon for Nimbostratus rankNimbostratus
    Aug 18, 2021

    I tried this iRule for DNS and as soon as I apply the rule in the VIP I stop getting responses, also while collecting captures on the LTM I a "Malformed Packet" on the query from the LTM and the response from the server is a "refused".

    Any idea what could be causing this issue? Did you got it working on your side?

    • PeteWhite's avatar
      PeteWhite
      Icon for Employee rankEmployee
      Aug 19, 2021

      This is not for DNS - it inserts the source IP address into the DNS request so it will then not be properly DNS formatted. What do you want to do?

      For DNS, you should look at the DNS events and commands: https://clouddocs.f5.com/api/irules/DNS.html

    • AndresSolano's avatar
      AndresSolano
      Icon for Nimbostratus rankNimbostratus
      Aug 19, 2021

      Since DNS is UDP based I thought it could work, the goal is to somehow send the real source of the query to the DNS server in the backend for logging purposes, I know I can get logging on the LTM, but the server team needs the logging taking place at the server level. Any thought?

  • jayendra07's avatar
    jayendra07
    Icon for Nimbostratus rankNimbostratus
    Dec 04, 2023

    so if we need to insert source-IP in TCP payload, we just need to replace UDP with TCP in given irule ?
    when CLIENT_ACCEPTED {
    set payloadLength [TCP::payload length]
    set address [IP::client_addr]
    set addressLength [ string length $address ]
    TCP::payload replace $payloadLength $addressLength $address
    }