Forum Discussion
pmaubo3_109863
Nimbostratus
Feb 08, 2012
X-Forward-For irule
There is an irule in place which was there before I started working at my position.
See below
when HTTP_REQUEST {
if {[HTTP::header exists X-Forwarded-For]}{
HTTP...
nitass
Employee
Feb 09, 2012
I do not think the iRule fails all the time. It looks okay to me. Can you add more log commands or capture packets while the problem is happening?
[root@ve1023:Active] config b virtual bar list
virtual bar {
   snat automap
   pool foo
   destination 172.28.19.79:80
   ip protocol 6
   rules myrule
   profiles {
      http {}
      tcp {}
   }
}
[root@ve1023:Active] config b pool foo list
pool foo {
   members 200.200.200.101:80 {}
}
[root@ve1023:Active] config b rule myrule list
rule myrule {
   when HTTP_REQUEST {
      log local0. "\[getfield \[IP::client_addr\] % 1\]: [getfield [IP::client_addr] % 1]"
      if {[HTTP::header exists X-Forwarded-For]}{
         log local0. "\[HTTP::header X-Forwarded-For\]: [HTTP::header X-Forwarded-For]"
         HTTP::header replace X-Forwarded-For "[HTTP::header X-Forwarded-For], [getfield [IP::client_addr] % 1]"
      } else {
         HTTP::header insert X-Forwarded-For [getfield [IP::client_addr] % 1]
      }
   }
}
X-Forwarded-For header exists in request.
[root@ve1023:Active] config ssldump -Aed -nni 0.0 port 80
New TCP connection 1: 172.28.19.253(43292) <-> 172.28.19.79(80)
1328770680.1202 (0.0030) C>S
---------------------------------------------------------------
HEAD / HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8r zlib/1.2.3 libidn/0.6.5
Host: 172.28.19.79
Accept: */*
X-Forwarded-For: 1.1.1.1
---------------------------------------------------------------
New TCP connection 2: 200.200.200.10(43292) <-> 200.200.200.101(80)
1328770680.1222 (0.0011) C>S
---------------------------------------------------------------
HEAD / HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8r zlib/1.2.3 libidn/0.6.5
Host: 172.28.19.79
Accept: */*
X-Forwarded-For: 1.1.1.1, 172.28.19.253
---------------------------------------------------------------
[root@ve1023:Active] config cat /var/log/ltm
Feb 8 22:57:41 local/tmm notice tmm[4369]: 013e0001:5: Tcpdump starting bcast on :::0 from 127.1.1.1:44072
Feb 8 22:58:00 local/tmm info tmm[4369]: Rule myrule : [getfield [IP::client_addr] % 1]: 172.28.19.253
Feb 8 22:58:00 local/tmm info tmm[4369]: Rule myrule : [HTTP::header X-Forwarded-For]: 1.1.1.1
Feb 8 22:58:03 local/tmm notice tmm[4369]: 013e0002:5: Tcpdump stopping on 127.1.1.2:3936 from 127.1.1.1:44072
X-Forwarded-For does not exist.
[root@ve1023:Active] config ssldump -Aed -nni 0.0 port 80
New TCP connection 1: 172.28.19.253(43294) <-> 172.28.19.79(80)
1328770729.9791 (0.0019) C>S
---------------------------------------------------------------
HEAD / HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8r zlib/1.2.3 libidn/0.6.5
Host: 172.28.19.79
Accept: */*
---------------------------------------------------------------
New TCP connection 2: 200.200.200.10(43294) <-> 200.200.200.101(80)
1328770729.9802 (0.0010) C>S
---------------------------------------------------------------
HEAD / HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8r zlib/1.2.3 libidn/0.6.5
Host: 172.28.19.79
Accept: */*
X-Forwarded-For: 172.28.19.253
---------------------------------------------------------------
[root@ve1023:Active] config cat /var/log/ltm
Feb 8 22:58:44 local/tmm notice tmm[4369]: 013e0001:5: Tcpdump starting bcast on :::0 from 127.1.1.1:34286
Feb 8 22:58:49 local/tmm info tmm[4369]: Rule myrule : [getfield [IP::client_addr] % 1]: 172.28.19.253
Feb 8 22:58:52 local/tmm notice tmm[4369]: 013e0002:5: Tcpdump stopping on 127.1.1.2:3937 from 127.1.1.1:34286
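Added example, not part of the original posts and not F5 code: in the first capture the `1.1.1.1` entry was sent by the client itself and only `172.28.19.253` was appended by the BIG-IP, so a pool member reading this header should trust it from the right, not the left. The sketch below shows that selection on the backend side. It assumes the only trusted proxy is the SNAT address `200.200.200.10` seen in the capture; the names `TRUSTED_PROXIES` and `client_ip` are hypothetical.

```python
import ipaddress

# Assumption: addresses the backend treats as its own proxies. 200.200.200.10
# is the SNAT address the pool member sees in the captures above.
TRUSTED_PROXIES = [ipaddress.ip_network("200.200.200.10/32")]


def _is_trusted(addr):
    return any(addr in net for net in TRUSTED_PROXIES)


def client_ip(peer_addr, xff_values):
    """Return the client address a backend can rely on.

    peer_addr  -- source IP of the TCP connection to the backend
    xff_values -- every X-Forwarded-For header value received, in order
    """
    peer = ipaddress.ip_address(peer_addr)
    if not _is_trusted(peer):
        # Direct connection: the header is entirely sender-controlled.
        return str(peer)
    # Several header lines are equivalent to one comma-joined list.
    hops = [h.strip() for v in xff_values for h in v.split(",") if h.strip()]
    # Walk right to left: the right-most entry was appended by our proxy,
    # everything to its left arrived with the request.
    for hop in reversed(hops):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            # Unparseable entry: stop and fall back to the peer address.
            break
        if not _is_trusted(addr):
            return str(addr)
    return str(peer)


# Peer address and header values as seen by the pool member in the two captures.
CASES = [
    ("200.200.200.10", ["1.1.1.1, 172.28.19.253"]),
    ("200.200.200.10", ["172.28.19.253"]),
]

if __name__ == "__main__":
    for peer, xff in CASES:
        print(peer, xff, "->", client_ip(peer, xff))
```

Both captured requests resolve to `172.28.19.253`; the client-supplied `1.1.1.1` is never returned.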
