SNAT iRule

Question

Hi,  
&nbsp; Quick one, have a subnet 10.1.1.0/24 &amp; want to perform Vip bounce back, using snat_pool range 10.1.1.1 - 10  
&nbsp;  
&nbsp; Bigip Self add is 10.1.1.11/24 
&nbsp;  
&nbsp; Now if the requirement is incase http/https request is from another subnet dont SNAT.  
&nbsp;  
&nbsp; If request is from the same subnet  10.1.1.0/24 SNAT it. 
&nbsp;  
&nbsp; Can someone help me to write a iRule for this.  
&nbsp;  
&nbsp; Thanks.

hoolio · Answer

Hi, 
  
 If you create a SNAT pool containing the 10.1.1.1 - .10 IP's named snatpool_10.1.1.0, you can use an iRule like this:

when CLIENT_ACCEPTED { 
  
     Check if client is in 10.1.1.0/24 subnet 
    if {[IP::addr [IP::client_addr] equals 10.1.1.0/24]}{ 
  
        Use the snatpool 
       snatpool snatpool_10.1.1.0 
    } 
 }

Aaron

Forum Discussion

SNAT iRule

Recent Discussions

XC Bot defense question

LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

NetScaler to F5 Migration

Application only need to access from 2 uris

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

Related Content

SNAT pool persistence

iRules Style Guide

Selective SNAT with iRules

Understanding SNAT

Selective SNAT

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS