Forum Discussion

Cirrus

May 06, 2021

Solved

VIP Client Logging "Not RFC1918"

Hi, I have gone through the dev/central site and found an irule capturing VIP client connections . The problem I have is that I don't need to log internal IP space or RFC1918 networks. I want to log ...

devops

iRules

LTM

bwilliam
May 11, 2021
Thank you Alex for the response. I ended up going with this irule. Initially after applying the irule I was still logging the private networks. What I found is that I had to surround the private_net with quotes. After doing this I only saw public networks.

Now I need to send it to a remote syslog instead of logging local0. I just have to research how those lines of code will look like.

when HTTP_REQUEST { if { not ([class match [IP::client_addr] equals "private_net"])} { log local0. "clientIP:[IP::client_addr] accessed [HTTP::host][HTTP::uri]"} }

bwilliam

Cirrus

May 11, 2021

Thank you Alex for the response. I ended up going with this irule. Initially after applying the irule I was still logging the private networks. What I found is that I had to surround the private_net with quotes. After doing this I only saw public networks.

Now I need to send it to a remote syslog instead of logging local0. I just have to research how those lines of code will look like.

when HTTP_REQUEST {
  if { not ([class match [IP::client_addr] equals "private_net"])} {
 
  log local0. "clientIP:[IP::client_addr] accessed
  [HTTP::host][HTTP::uri]"}
}