Forum Discussion
smp_86112
Cirrostratus
Cirrostratuslogging full TCP connection details
In my head, I have this picture of how a TCP connection with a SNAT-enabled Virtual Server looks:
[client_ip]:[client_port] <-> [VIP_ip]:[VIP_port] <-> [LTM_self_ip]:[LTM_port] <-> [Node_ip]:[Node_port]
However, I could figure out how to log three of these four connection points this during my research and testing:
[IP::client_addr]:[TCP::client_port] <-> ??? <-> [IP::local_addr]:[TCP::local_port] <-> [IP::server_addr]:[TCP::server_port]
Isn't there a way, using these built-in-type iRule constructs, to get the Virtual Server address and port that a client is connected to? I tried various combinations of these variables along with the serverside/clientside global commands, but I couldn't seem to come up with it.
hoolioHi SMP,
You're pretty much there. When called in the clientside context, IP::local_addr and TCP::local_port will return the IP and port the client made the request to (the client's destination IP and port). For host virtual servers, this will be the virtual server IP and port. If you want to get the client's destination IP and port from a serverside event, you can use the clientside command.
See this old post for details on IP's and context:
http://devcentral.f5.com/Forums/tabid/1082223/asg/50/showtab/groupforums/aff/5/aft/10187/afv/topic/Default.aspx
Aaron
smp_86112Great reference again hoolio. This is what I came up with to give me what I was after:when CLIENT_ACCEPTED { set ext_src [IP::remote_addr]:[TCP::remote_port] set ext_dst [IP::local_addr]:[TCP::local_port] } when SERVER_CONNECTED { set int_src [IP::local_addr]:[TCP::local_port] set int_dst [IP::remote_addr]:[TCP::remote_port] log local0. "$ext_src->$ext_dst->$int_src->$int_dst" }