Forum Discussion
imabbas_90
Altocumulus
AltocumulusLTM : Troubleshooting with no source IP
We have a problem. we have an LTM in AWS and configured a VIP along with the pools. Here We have multiple pools and traffic is sent to the pools via Irule based on URL. Now from Google Cloud with G...
imabbas_90Altocumulus
AltocumulusHello Amine thanks for your suggestion.
So if I add this Irule to the VIP just want to double confirm , that this won't hinder any other users correct?
Also, where can I find these logs, under /var/logs/LTM?
Incase if above fails any idea how to set GCP CE IP ranges as source and filter. or any other thoughts.
TIA
JRahm
Admin
AdminHi imabbas_90, you can create a data-group to contain your gcp ip ranges, I was able to do that programmatically against that json data with a little python (where gcp_src.json is a file with what you linked above.)
import json
with open('gcp_src.json') as f:
data = json.load(f)
f1 = open('gcp_src_dg', 'w')
f1.write('ltm data-group internal gcp_sources {\n')
f1.write(' records {\n')
for prefix in data.get('prefixes'):
if 'ipv4Prefix' in prefix:
f1.write(f' {prefix.get("ipv4Prefix")} {{ }}\n')
elif 'ipv6Prefix' in prefix:
f1.write(f' {prefix.get("ipv6Prefix")} {{ }}\n')
f1.write(' }\n')
f1.write(' type ip\n')
f1.write('}\n')
f1.close()
Then in an iRule, you can just log against sources that match that range in the data-group:
when HTTP_REQUEST {
if {[class match [IP::client_addr] equals gcp_sources]} {
log local0. "Client IP: [IP::client_addr] matches GCP source..."
}
}
I'd recommend you take a heavily filtered packet capture as well by actively triggering the job when capturing.