Forum Discussion
NimbostratusiRule to retrieve the first IP from an HTTP header
Requirement: client traffic will have a header named "Client_IP_XFF" which will have more than 1 IP. They want the LTM to retrieve the first IP from this header and insert it into X-Forwarded-For header. VIP will also get client traffic that will have standard X-forwarded-for folder.
The irule I applied on the VIP is as below, but this isn't going to get the first IP from the folder. Any suggestions on how this can be modified ?
create ltm rule XFF_ClientIP when HTTP_REQUEST { if {[HTTP::header exists "Client_IP_XFF"]}{ HTTP::header remove X-Forwarded-For HTTP::header insert X-Forwarded-For [HTTP::header value "X-Client-IP"] } else {
HTTP::header remove X-Forwarded-For HTTP::header insert X-Forwarded-For [getfield [IP::client_addr] % 1] } }
example of X-Client-IP data : 10.11.20.19,127.0.0.1 irule should get them 10.11.20.19 IP.
Lee_SutcliffeNacreous
You need to convert the multiple IP addresses into a TCL list using '
' as a delimiter. Then use,
to return the first element.lindexI've modified your iRule a bit, try the following and let me know how you get on.
when HTTP_REQUEST { remove XFF header, will inset this again later if {[HTTP::header exists "X-Forwarded-For"]} { HTTP::header remove "X-Forwarded-For" } if {[HTTP::header exists "Client_IP_XFF"]}{ split Client_IP_XFF value into a list set ipList [split [HTTP::header value "Client_IP_XFF"] ","] use first element of list for XFF value HTTP::header insert "X-Forwarded-For" [lindex $ipList 0] } else { HTTP::header insert "X-Forwarded-For" [getfield [IP::client_addr] % 1] } }