SNAT only for outbonding connections to external IP addressess
I need to create a iRule to SNAT the outbonding connections ONLY when their destination is internet, i.e., when the destination IP address does not belong to the internal addresses (INTRANET):
10.9.0.0/16 are the INTRANET IP addresses.
220.127.116.11/24 are the private IP addresses.
18.104.22.168/24 are the (fictitious) PUBLIC IP addresses
When a *private* node (for instance, 22.214.171.124) tries to open a connection to internet (FTP, wget,...) the company firewall denies. Therefore, I must ask to security team to allow EVERY connection to go out through the firewall.
But if those outbonding connections might be originated from a PUBLIC IP address (for instance 126.96.36.199), no request to security team would be needed (because the firewall allows outbonding connections from any PUBLIC node). My idea is use SNAT ONLY in those cases.
What is the most event suitable event?
Thanx in advance