Forum Discussion
Casa_Henry_1360
Nimbostratus
NimbostratusSnat for mail servers
I am new to Irules and TCL. I have a need to create SNATs for my mail servers. What I am looking for is the syntax for parsing a field. So if I have a series of addresses defined as hosts
class hosts {
192.168.16.112 198.212.10.112
192.168.16.108 198.212.10.108
}
I would like to inspect it and if the address is the 1st field then the SNAT will be the second field.
Any help would be greatly appreciated.
16 Replies
- you wrote this:
when CLIENT_ACCEPTED {
if { [TCP::local_port] == 25} {
switch [ IP::client_addr ] {
192.168.246.151 { snat 198.212.12.151 }
192.168.246.150 { snat 198.212.12.150 }
default { forward }
{log local0. "[ IP::client_addr ] snatted"}
}
}
}
but you can't put the logging line inside the switch statement (at least at the place where you put it). Try this:when CLIENT_ACCEPTED { if [ [TCP::local_port] == 25 ] { switch [ IP::client_addr ] { 192.168.246.151 { snat 198.212.12.151 } 192.168.246.150 { snat 198.212.12.150 } default { forward } } log local0. "[IP::client] snatted" } else { forward } } 
Casa_Henry_1360That generates a parsing error.
Mar 16 13:24:05 bigipf51 mcpd[1655]: 01070151:3: Rule [iRuler_Parse_Test_Rule] error: line 8: [undefined procedure: IP::client] [IP::client] line 10: [undefined procedure: else] [else {forward}]- oops -
[IP::client] should be [IP::client_addr] - Casa_Henry_1360Now it just gives line 10: [undefined procedure: else] [else {forward}]
- CharlesCS
Cirrus
Try enclosing the test condition of the if statement in curly braces. 
lmwf1_55268I know this one looks a bit long compare to the aboves, but this one saved without any error and looks a bit easier for me to debug and maintain. Hope it helps.
when CLIENT_ACCEPTED {
if { [IP::addr [IP::client_addr] equals 192.168.246.151] and [TCP::local_port] == 25} {
snat 198.212.12.15
forward
} elseif { [IP::addr [IP::client_addr] equals 192.168.246.150] and [TCP::local_port] == 25} {
snat 198.212.12.150
forward
} else {
forward
}
}
