Forum Discussion
X-Forwarded-for Header Insertion
In a lab setup, I wrote an iRule to insert an X-Forwarded-For header if one doesn't exist and using snat automap.
The IP address I see on the webserver is the SNAT (floating) IP address, which is what I'm supposed to see (using tcpdump).
However, I'm not able to see the X-Forwarded-For header inserted using tcpdump.
Is there another easy way to see this header?
Thanks
- Arie
Altostratus
Have you considered using the standard "insert X-forwarded-for" option in the profile?
- richard_77048
Nimbostratus
I would either configure my webserver to log the X-Forwarded-For header and look in the access logs, or capture a bunch of packets with the -w outfile option and then look at them in Wireshark. You can then use the "Follow TCP Stream" option in Wireshark.
- Andy_O_4935
Nimbostratus
Hi Arie,
- Michael_Yates
Nimbostratus
Hi Andy,

    when HTTP_REQUEST {
        if { [HTTP::header exists "X-Forwarded-For"] } {
            log local0. "X-Forward IP: [HTTP::header values "X-Forwarded-For"]"
            log local0. "Client IP: [IP::client_addr]"
        }
    }
- Arie
Altostratus
Ah - I hadn't caught on to the fact that this header could already exist in your setup.
- In a lab setup, I wrote an iRule to insert an X-Forwarded-For header if one doesn't exist and using snat automap. The IP address I see on the webserver is the SNAT (floating) IP address, which is what I'm supposed to see (using tcpdump). However, I'm not able to see the X-Forwarded-For header inserted using tcpdump.

    when HTTP_REQUEST {
        HTTP::header replace "X-Forwarded-For" [IP::client_addr]
        # check /var/log/ltm !!
        log local0. "[HTTP::request]"
    }
- nitass
Employee
this is mine.

    [root@iris:Active] config b virtual bar list
    virtual bar {
       snat automap
       pool foo
       destination 172.28.17.33:http
       ip protocol tcp
       rules myrule
       profiles {
          http {}
          tcp {}
       }
    }
    [root@iris:Active] config b pool foo list
    pool foo {
       members 10.10.70.110:http {}
    }
    [root@iris:Active] config b rule myrule list
    rule myrule {
       when HTTP_REQUEST {
          if {not [HTTP::header exists "X-Forwarded-For"]} {
             HTTP::header insert X-Forwarded-For [IP::client_addr]
          }
       }
    }
    [root@iris:Active] config ssldump -Aed -nni 0.0 port 80
    New TCP connection 1: 172.28.17.20(54179) <-> 172.28.17.33(80)
    1320232511.5958 (0.0011) C>S
    ---------------------------------------------------------------
    HEAD / HTTP/1.1
    User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
    Host: 172.28.17.33
    Accept: */*
    ---------------------------------------------------------------
    New TCP connection 2: 10.10.72.30(54179) <-> 10.10.70.110(80)
    1320232511.5962 (0.0003) C>S
    ---------------------------------------------------------------
    HEAD / HTTP/1.1
    User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
    Host: 172.28.17.33
    Accept: */*
    X-Forwarded-For: 172.28.17.20
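Added example (not code from any poster in this thread): a Python model of the two iRules posted above, the insert-if-absent rule and the `HTTP::header replace` rule, showing which address a backend would log when a request reaches the BIG-IP with X-Forwarded-For already set. The function names, the backend logic and the 203.0.113.77 value are assumptions for illustration; the other addresses come from the capture above.

```python
import ipaddress
XFF = "x-forwarded-for"

def insert_if_absent(headers, client_addr):
    # Models: if {not [HTTP::header exists "X-Forwarded-For"]} { HTTP::header insert ... }
    if any(name.lower() == XFF for name, _ in headers):
        return list(headers)  # a client-supplied value passes through untouched
    return list(headers) + [("X-Forwarded-For", client_addr)]

def replace(headers, client_addr):
    # Models: HTTP::header replace (overwrites the last occurrence, inserts if absent)
    out = list(headers)
    for i in range(len(out) - 1, -1, -1):
        if out[i][0].lower() == XFF:
            out[i] = (out[i][0], client_addr)
            return out
    return out + [("X-Forwarded-For", client_addr)]

def logged_client_ip(headers, peer_addr, trusted_proxies):
    # Hypothetical backend logic: believe the header only when the TCP peer is
    # the proxy, then take the right-most valid address that is not a proxy.
    if peer_addr not in trusted_proxies:
        return peer_addr
    hops = [h.strip() for n, v in headers if n.lower() == XFF for h in v.split(",")]
    for hop in reversed(hops):
        try:
            ipaddress.ip_address(hop)
        except ValueError:
            continue
        if hop not in trusted_proxies:
            return hop
    return peer_addr

# Constructed sample data; REAL_CLIENT and SNAT_ADDR reuse the capture's addresses.
REAL_CLIENT, SNAT_ADDR = "172.28.17.20", "10.10.72.30"
PLAIN = [("Host", "172.28.17.33"), ("Accept", "*/*")]
PRESET = PLAIN + [("X-Forwarded-For", "203.0.113.77")]  # header already set by the client

def demo():
    trusted = {SNAT_ADDR}
    return {
        "insert-if-absent, plain": logged_client_ip(insert_if_absent(PLAIN, REAL_CLIENT), SNAT_ADDR, trusted),
        "insert-if-absent, preset": logged_client_ip(insert_if_absent(PRESET, REAL_CLIENT), SNAT_ADDR, trusted),
        "replace, preset": logged_client_ip(replace(PRESET, REAL_CLIENT), SNAT_ADDR, trusted),
    }

if __name__ == "__main__":
    for case, ip in demo().items():
        print(f"{case:26} -> {ip}")
```

With the header already present, only the replace variant leaves the backend logging the address the BIG-IP actually saw on the client side.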
- Arun_02_139047
Nimbostratus
Hi Guys - I have a requirement to use Insert X-Forwarded-For for a TCP Profile. Can you guys advise how I can do that? I have RabbitMQ Queues behind F5 on TCP port 5672. Thanks! -arun.
- Kevin_Stewart
Employee
I have a requirement to use Insert X-Forwarded-For for a TCP Profile. Can you guys advise how I can do that?
The X-Forwarded-For header is only for HTTP traffic. Assuming you need this to send the client's true source address to the server with SNAT applied, you might be able to inject the source into the TCP payload, but that depends entirely on the protocol and the server's ability to retrieve it.