Forum Discussion

Nimbostratus

Jun 01, 2012

smtp irule for access control

Hello, I am trying to either preserve the source ip information so that existing smtp rules and greylists continue to work but ensure fault tolerance by placing smtp servers befind an f5 vip...

Nimbostratus

Jun 01, 2012

actually it looks like it may be working have to test more but for debugging i am doing this variation of it

when RULE_INIT {

debug logging to /var/log/ltm (local0)? 0 = no, 1 = yes

set static::debug 1

}

if { [matchclass [IP::remote_addr] equals smtp_relay_allowed] } {

when CLIENT_ACCEPTED {

if { [IP::addr [IP::remote_addr] equals $ip_of_lb ] } {

log local0. "Node IP address is: [IP::remote_addr] and sent to SMTP_clients_from_ltm_addr"

} else {

log local0. "Node IP address is: [IP::remote_addr]"

if { [class match [IP::client_addr] equals smtp_relay_allowed] } {

pool mail.dcname

} else {

reject

}

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

smtp irule for access control

Recent Discussions

Creating Policy using Terraform

Alert Mail when virtual server down trubleshooting

How to disable RC4 Cipher on SSL

Big-IQ + LetsEncrypt wildcard

DEVICE-0202 Error while adding rSeries as a provider in CM

Related Content

How to access an LTM Policy variable from an iRule ?

Granular Access control policies

No more http Portal Access

owa iapp assign irule

APM access policy in non Comon partition - not working

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS