Forum Discussion
bman_12685
Nimbostratus
Jun 01, 2012smtp irule for access control
Hello,
I am trying to either preserve the source ip information so that existing smtp rules and greylists continue to work but ensure fault tolerance by placing smtp servers befind an f5 vip...
hoolio
Cirrostratus
Jun 01, 2012Are you saying that when you tested from a client IP in the smtp_relay_allowed data group, the connection was reset? Can you add a debug statement with the client IP?
when CLIENT_ACCEPTED {
log local0. "[IP::client_addr]:[TCP::client_port]: Connection to [virtual name] [IP::local_addr]:[TCP::local_port]"
if { not [matchclass [IP::remote_addr] equals smtp_relay_allowed] } {
log local0. "[IP::client_addr]:[TCP::client_port]: Rejecting client IP"
reject
}
}
Aaron
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects