Forum Discussion

Nimbostratus

Jul 09, 2014

X-FORWARDED-FOR AND ERASING SNAT IP FROM APACACHE LOGS

I am using x-forwarded-for and the web server admins would like to not see the snat ip in the logs. Currently I see both the client and snat ip. The client being 208.97.218.10 and snat 10.128.254.1...

application delivery

BIG-IP Access Policy Manager (APM)

Employee

Jul 09, 2014

The XFF header is a layer 7 object, while the SNAT address is a layer 4 value. You cannot use an iRule to change the SNAT address without altering routing and potentially defeating the reason you're using SNAT in the first place.

I would suggest tailoring the Apache log config to ignore the source address, the %h LogFormat value, and perhaps replacing it with the XFF header value \"%{X-Forwarded-For}i\"

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)