Forum Discussion

Altostratus

Jun 01, 2011

wanna record user_agent from specific client ip

Hi I have a requirement it seems impossible we want to record user_agent from some specific client ip when CLIENT_ACCEPTED { if { [IP::addr [IP::client_addr] ...

Cirrostratus

Jun 01, 2011

Hi Jen,

In addition to Jason's info...

The reason it makes sense to do IP and port checks in CLIENT_ACCEPTED is that that clientside info can't change over the course of a TCP connection. If you're inspecting layer 7 content it makes sense to do it on each HTTP request as it could change on each request. If you want specific feedback on some of your more important or heavily used iRules, feel free to post an anonymized copy of them. We can give you some tips that you might be able to apply to the rest of your rules.

Aaron

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

wanna record user_agent from specific client ip

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

Improve BIG-IP APM VPN speed with TLS dynamic record size

Enabling DNSSEC for 1 record only

Managing ZoneRunner Resource Records with Bigsuds

Attacks against Domain Specific Languages, EU Cybersecurity Laws, & Supply Chain Attacks

Persistence records point to 127.0.0.1:10001

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS