Forum Discussion
jwlarger
Cirrus
CirrusLegacy iRule generating constant error logs
This iRule is verbatim from DevCentral 4 or 5 years ago.
when CLIENT_ACCEPTED {
# Check if the client IP address is a node in the VIP's default pool and active
if {[matchclass [IP::client_addr] equals [active_nodes -list [LB::server pool]]]}{
# log local0. "SNAT'ing for [IP::client_addr], member of pool [LB::server pool]"
snat automap
}
}
I see the following errors (tens of thousands per day):
Sep 27 04:02:42 slot1/someltm err tmm1[17681]: 01220001:3: TCL error: /Common/SNAT_Real_To_VIP <CLIENT_ACCEPTED> - invalid matchclass operands - no class or list type foun
d, lhs: ip, rhs: (line 2) invoked from within "matchclass [IP::client_addr] equals [active_nodes -list [LB::server pool]]"
I understand that matchclass was deprecated and should be replaced by 'class match', but I am unable to find a ref for updating the rule to eliminate the constant errors for 11.6.3.
iaineNacreous
Hi
Matchclass or class match are used to compare against Data Groups but I don't see one defined in your code and the error being returned indicates the same. Therefore, try this
when CLIENT_ACCEPTED { # Check if the client IP address is a node in the VIP's default pool and active if {[IP::client_addr] equals [active_nodes -list [LB::server pool]]}{ # log local0. "SNAT'ing for [IP::client_addr], member of pool [LB::server pool]" snat automap } }
jwlargerThanks, looking forward to testing this.