Forum Discussion

Altostratus

Feb 12, 2014

Redirect Based On IP within Payload Of UDP Packet

Hi, I am trying to redirect UDP (syslog) traffic to specific pools based on the IP addresses within the packet. Currently we have the following irule when CLIENT_ACCEPTED { if { [IP::...

Kevin_Stewart

Employee

Feb 13, 2014

This is actually pretty straight forward, but 1) you have to know how the data is presented in the syslog UDP payload, and 2) you have to string parse it from that payload. Here's an example:

when CLIENT_DATA {
    set src [findstr [UDP::payload] "src=" 4 ","]
    if { $src equals "172.16.99.210" } {
        pool a_pool
    }
}

where in this example the UDP payload had something like the following in it:

Request from src=172.16.99.210, to dst=10.10.10.12

Again, just an example. You'd use the UDP::payload command to expose the UDP data in the CLIENT_DATA event, and then use whatever string parsing function you need to extract the data.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Redirect Based On IP within Payload Of UDP Packet

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

T4 and ALL tenant images

Unable to Forward APM and AFM Logs to AWS CloudWatch Using Telemetry Streaming

Managing iRules configuration

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

[ASM] - How to disable the SQL injection attack signatures

Related Content

F5 HTTPS Redirect 2025

HTTP Payload Collection

Payload string based persistence

Rewriting Redirects

Help with tcp/http payload irule

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS