SNAT Automap iRule not working after ver 10.1 upgrade

After we upgraded our LTM's from 9.4 to 10.1 I realized our SNAT rule wasn't working. Because of our network layout the LTM is the default gateway for our servers, so we need it to SNAT when they are trying to access the internet, but not when they are accessing the rest of the network. So I use this iRule;

 

 

when CLIENT_ACCEPTED {

 

 

Compare destination address with the pre-defined

 

class of RFC1918 non-routable addresses

 

If not in that group, automap-SNAT the connection

 

 

if {not [matchclass [IP::local_addr] equals ::private_net] } {

 

log local0.info "intenet access attempted"

 

snat automap

 

}

 

}

 

 

IN ver 9.4 it worked fine. Now when I enable to the log line I get the following error in the log

 

 

Feb 24 09:33:52 local/tmm err tmm[6881]: 01220001:3: TCL error: outboundSNAT - Invalid matchclass operands - no class or list type found, lhs: ip, rhs: ::private_net (line 5) invoked from within "matchclass [IP::local_addr] equals ::private_net"

 

 

The private_net group exists in the Data Group List, so what am I missing here? I am not a developer, so pretty much all my iRules are just cut and pasted together from what I find on this site, so I'm sure it's something simple, just confused as to why it worked in ver 9 and not now.

 

 

Thanks