Forum Discussion

Nimbostratus

Dec 16, 2008

iRule to SNAT based on IP

I am trying to setup an iRule that will send traffic from a specific host behind my F5 out a specific IP. I have a WildCard VS and an SNAT applied to the WildCard VS called "email" that directs all ou...

Cirrostratus

Dec 17, 2008

That rule looks like it should work. Are you sure the requests are hitting the virtual server that the rule is configured on? You can add logging to get a better idea of what's happening. Also it would be more efficient to use IP::addr (Click here) to check the client IP address:

 
 when CLIENT_ACCEPTED { 
    if { [IP::addr [IP::client_addr] equals 192.0.0.60] } { 
       log local0. "[IP::client_addr]:[TCP::client_port] -> [IP::local_addr]:[TCP::local_port]: Snat to x.x.x.4" 
       snat x.x.x.4 
    } else { 
       log local0. "[IP::client_addr]:[TCP::client_port] -> [IP::local_addr]:[TCP::local_port]: Snat to x.x.x.5" 
       snat x.x.x.5 
    } 
 }

Aaron

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)