Forum Discussion

Altostratus

Nov 19, 2012

SRC and DST Match Irule for NATting

I have the following irule, using two datagroups. The DG_DEST datagroup has a value that is a snatpool name. I need to set the snatpoolname variable to this value. What is the best way to do that wit...

Altostratus

Nov 20, 2012

With a bit of modification to the iRule to get it working properly, the matching part between the two DG's are working perfectly. However, if a SRC IP initiates that is not in the DG_SRC, it does not go to the else statement.


when CLIENT_ACCEPTED {
 This iRule would NAT the source IP in the DG_SRC and match it to a destination in DG_DEST
 and then snat to the snatpool defined in DG_DST as the value corresponding to the name.
 if { [class match [IP::client_addr] equals "DG_SRC" ] } {
  set snatip [class match -value [IP::local_addr] equals "DG_DST" ]]
  if { not ($snatip equals "") } {
   log local0. "[IP::client_addr] going to [IP::local_addr] got Natted to $snatip"
   snat $snatip
   }
 }
 else { forward
log local0. "[IP::client_addr] going to [IP::local_addr] did NOT get Natted!!!"
}
}

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)