Forum Discussion

Kevin_Nail's avatar
Kevin_Nail
Icon for Nimbostratus rankNimbostratus
Jan 15, 2009

Multiple XFF headers

We have a situation where it may be possible for one LTM to insert the XFF and load-blance the packets to another LTM with another XFF set.     I would like to have an iRule the checks for ...
application delivery
dev
devops
iRules
Colin_Walker_12's avatar
Colin_Walker_12
Historic F5 Account
Jan 16, 2009
Don't forget that you don't really need a "do nothing" section of the rule at all. You can accomplish the same thing with negative logic.

 

 

 
 when HTTP_REQUEST {  
   if { !([HTTP::header exists "X-Forwarded-For"])}{  
     HTTP::header insert "X-Forwarded-For" [IP::client_addr]  
     log local0. "[IP::client_addr]:[TCP::client_port]: Added XFF: [HTTP::header values "X-Forwarded-For"]"  
   }  
 }

 

 

Not that it matters a ton in this case, but in longer, more complex scenarios, this can save a fair amount of code. Also, the header replace option is a good one, that way you should only ever end up with one. This is only an option if you aren't trying to preserve a previous XFF header though, obviously.

 

 

Colin