Forum Discussion
Mariusz_B
Nimbostratus
NimbostratusLogging all traffic iRule.
Hello,
I have the following iRule for logging all traffic:
when CLIENT_ACCEPTED {
set vip [IP::local_addr]:[TCP::local_port]
}
when SERVER_CONNECTED {
set client "[IP::client_addr]:[T...
Mariusz_BNimbostratus
NimbostratusThank you Michael.
I have done something like this, and I am about to test it in next few days:
when CLIENT_ACCEPTED {
set client "[IP::client_addr]:[TCP::client_port]"
set vip "[IP::local_addr]:[TCP::local_port]"
set snat "unknown"
set node "unknown"
}
when SERVER_CONNECTED {
set snat "[IP::local_addr]:[TCP::local_port]"
set node "[IP::server_addr]:[TCP::server_port]"
}
when CLIENT_CLOSED {
log connection info
log local0.info "Client $client -> VIP: $vip -> SNAT: $snat -> Node: $node"
}
SnlCirrostratus
I have a similar requirement , were customer is using automap and want to enable logging for specific virtual server to capture all sessions , its not working since unknown keyword matching in snat & node side , also virtual server is running on port smtp so i cannot add http profile
Code when CLIENT_ACCEPTED { set client "[IP::client_addr]:[TCP::client_port]" set vip "[IP::local_addr]:[TCP::local_port]" set snat "unknown" set node "unknown" } when SERVER_CONNECTED { set snat "[IP::local_addr]:[TCP::local_port]" set node "[IP::server_addr]:[TCP::server_port]" } when CLIENT_CLOSED { log connection info log local0.info "Client $client -> VIP: $vip -> SNAT: $snat -> Node: $node" }any help appreciated
/snl
- boneyard
MVP
i think it is wiser to start a new question.
and explain what you mean with unknown is matching, if unknown is shown that is for a reason then those fields aren't known yet when the log occurs.
also you don't need a HTTP profile for any of these irule statements, it is all TCP or lower.
