For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

YossiV's avatar
YossiV
Icon for Nimbostratus rankNimbostratus
Oct 06, 2015

Replace Source ip with Real Client IP

 

Dear Community, lately we started working with 3rd party company that making us Application security and protection (the A-Recored pointing to the protection gateway, and then it redirect to us. because of that the source IP now is the protection IP and not our real client IP that causing me problem when we want to take out reports of pur activity customers and so on.. i know i can do that with 2 ways. 1) is to change the application so it will take the X-Real-IP, 2) to create an IRULE that will make me the following Replace the Remote Address(Source) with the X-Real-IP and if X-Real-IP not exist to take the X-Forwarded-For, and if X-Forwarded-For no exist to keep the Remote Address(source) as is

 

since i am very week on Irules your help is very needed here 10x!

 

application delivery
BIG-IP Access Policy Manager (APM)
devops
iRules
LTM
security

4 Replies

  • Brad_Parker's avatar
    Brad_Parker
    Icon for Cirrus rankCirrus
    Oct 06, 2015

    Give this a try. One caveat, this will only work if your LTM is the default route for the backend servers, otherwise you will end up with asynchronous routing.

    when HTTP_REQUEST {
    if {[HTTP::header exists "X-Real-IP"]}{
        snat [HTTP::header "X-Real-IP"]
    }
    elseif {[HTTP::header exists "X-Forwarded-For"}{
        snat [HTTP::header "X-Forwarded-For"
    }
    else {
        return
    }
}
  • 347250's avatar
    347250
    Icon for Nimbostratus rankNimbostratus
    Oct 06, 2015

    wow that's was fast! 10x, it solved the issue , :)