Forum Discussion
Prasad4u
Nimbostratus
NimbostratusNeed help with insert true-client-ip to X-Forwarded-For rule on F5 LTM
Hi,
Additional INFO: First of I will represent the access as it is done from the client to the F5
CLIENT --> Cloudflare --> F5 Service
- client try to access to the following hostname that is hosted by F5 : app.mydomain.com(1.2.3.4)
- Request will go to CloudFlare.
- CloudFlare will redirect user to F5 service (app.mydomain.com) at the same time it will cache the client's response for the future transaction.
- When CloudFlare will redirect user to F5 service (app.mydomain.com), CloudFlare will hide the real Client-IP and provide the CloudFlare IP.
- Instead of CloudFlare IP, We would like to grab the True-Client-IP and insert into X-Forwarder-For to see logs on the Server logs which is hosted behind the F5.
Hi Prasad4u,
iRule:
when HTTP_REQUEST { if { [HTTP::header exist True-Client-IP] } { # Client --> CloudFlare --> F5 HTTP::header replace X-Forwarded-For [HTTP::header True-Client-IP] } else { # Client --> F5 HTTP::header replace X-Forwarded-For [IP::client_addr] } }Additional note: In this scenario, don't use source_addr persistence.
Prasad4uHi Enes Afsin,
Greetings!!
After applying this irule, The VIP stopped working.
Could you please help us here.
Hi Prasad4u,
Can you investigate /var/log/ltm ?
Is there a log for this irule or another attached irule?
- Prasad4u
Thanks for quick response Afsin. Will test and get back to you.
