For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Nik's avatar
Nik
Icon for Cirrus rankCirrus
May 02, 2014

Logging outgoing SNAT List connections

I have a number of servers in snat lists and we're trying to figure out what servers are actually making connections. I haven't found anyplace to do this.. any ideas if it's possible?  
application delivery
design
logging
LTM
management
snat
StephanManthey's avatar
StephanManthey
Icon for Nacreous rankNacreous
May 02, 2014

I´m not sure, if I got your question right. If you are talking about incoming connections to be balanced to a pool of local servers and SNAT is applied somehow, you can use an iRule as this one (second log): 

when SERVER_CONNECTED {
     log clientside connection details to /var/log/ltm
    log local0. "Clientside connection: [clientside {IP::remote_addr}]:[clientside {TCP::remote_port}] to [clientside {IP::local_addr}]:[clientside {TCP::local_port}]"
     log serverside connection details to /var/log/ltm
    log local0. "Serverside connection: [IP::local_addr]:[TCP::local_port] to [IP::remote_addr]:[TCP::remote_port]"
}

Or are you talking about so called default SNATs?

In this case the "clientside" part of the iRule above provides the requested information.

Btw, I´m always trying to avoid them. Using a SNATpool in the context of a virtual server or applying SNAT via iRule provides much better control.