snat irule = modification

Question

I recently received some great iRules to work with in a former thread here:
https://devcentral.f5.com/questions/snat-irule-needed-11-mappingsanswer78001&nbsp;
This is for a non-http vs. If I use this iRule:
when CLIENTED_ACCEPTED {
    switch [IP::client_addr] {
        "10.10.10.10" { snat 192.169.42.10 }
        "10.10.10.11" { snat 192.168.42.11 }
        "10.10.10.12" { snat 192.168.42.12 }
        "10.10.10.13" { snat 192.168.42.13 }
        default { snat automap }
    }
}&nbsp;
Can I add a log statement like this to send a log entry that correlate the client ip address to the snat address? I didn't see a SNAT command. Also, since this is a switch statement where exactly does the log statement go?
 log  "Customer [IP::client_addr] requested {SNAT::ip_addr]???? --&gt; example here. I dont' know actual snat variable.&nbsp;

kevin_stewart · Answer

Try this:
when CLIENTED_ACCEPTED {
    switch [IP::client_addr] {
        "10.10.10.10" { 
            log local0. "Snatting 10.10.10.10 to 192.168.42.10"
            snat 192.169.42.10 
        }
        "10.10.10.11" { 
            log local0. "Snatting 10.10.10.11 to 192.168.42.11"
            snat 192.168.42.11 
        }
        "10.10.10.12" { 
            log local0. "Snatting 10.10.10.12 to 192.168.42.12"
            snat 192.168.42.12 
        }
        "10.10.10.13" { 
            log local0. "Snatting 10.10.10.13 to 192.168.42.13"
            snat 192.168.42.13 
        }
        default { 
            log local0. "Snatting [IP::client_addr] to automap"
            snat automap 
        }
    }
}

kevin_stewart · Answer

You're going to get a lot of logs though. Take a look at HSL for a better/faster option:&nbsp;
High Speed Logging&nbsp;

john_ogle_45372 · Answer

Thank you! for you assistance. I believe that will work just fine.&nbsp;

nitass · Answer

it is just another example. you may log in SERVER_CONNECTED event.
e.g.
root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list ltm rule myrule
ltm rule myrule {
    when CLIENT_ACCEPTED {
  switch [IP::client_addr] {
    "10.10.10.10" { snat 192.169.42.10 }
    "10.10.10.11" { snat 192.168.42.11 }
    "10.10.10.12" { snat 192.168.42.12 }
    "10.10.10.13" { snat 192.168.42.13 }
    default { snat automap }
  }
}
when SERVER_CONNECTED {
  log local0. "client [IP::client_addr]:[TCP::client_port] snat [IP::local_addr]:[TCP::local_port] server [IP::server_addr]:[TCP::server_port]"
}
}

Forum Discussion

snat irule = modification

4 Replies

Bram - January 2026 Featured Member

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

run failover xxxxxx

Single LTM with multiple GTM domains

Question about adding VEs to existing physical appliance device group without ASM licenses

2026 301a exam

How can I measure Advanced WAF (ASM) throughput on a running BIG-IP VE (per VIP / per policy)?

Related Content

SNAT pool persistence

iRule for Conditional SNAT

Selective SNAT with iRules

SNAT IP address logging

iRules Style Guide

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS