SNAT base on Source IP and TCP Port

Question

Hello. 
&nbsp;  
&nbsp; I need some help in figuring out an iRule that can be applied on my outbound virtual server where if it sees that the source IP and TCP port is coming from A.A.A.A:ZZ, it will snat to B.B.B.B:YY. All other should forward without SNAT by default. 
&nbsp;  
&nbsp; What should my iRule looks like with the above condition? I did an iRule with basic IP to IP SNAT but without port consideration before. 
&nbsp;  
&nbsp; Appreciate your help. 
&nbsp;  
&nbsp;  
&nbsp; -Rey 
&nbsp;  
&nbsp;  
&nbsp;  
&nbsp;

the_bhattman · Answer

Take a look at the following example Click here 
&nbsp;  
&nbsp; CB

rababa74_74439 · Answer

The sample is actually for IP to IP translation w/out considering the port. I need the combination of both. 
&nbsp;  
&nbsp; Thanks. 
&nbsp;  
&nbsp; -Rey

nicolas_menant · Answer

Hi, 
  
 If you checked the wiki you'll have found this link for TCP port:Click here 
  
 So to check the ip AND port it would looks like this:  
  
 when CLIENT_ACCEPTED { 
   if { ([IP::addr [IP::local_addr] equals 10.10.10.0/24]) AND ([TCP::client_port] equals "80" }{ 
   snat 192.168.20.10 
  } 
 }

HTH 
  
 N.

Forum Discussion

SNAT base on Source IP and TCP Port

3 Replies

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

R4800 snmp issues.

F5 XC and Service Policy/HTTP path

BIG-IQ: how to change interval checks for health status of pools and poolmembers

Citrix iApps

FQDN Node with Route Domains

Related Content

SNAT based on source and destination

How to ensure source address and source port are accepted and traversed properly via F5 SNAT automap

Source IP Based Pool Routing

Demystifying Time-based OTP

Cookie-based DDoS protection

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS