Forum Discussion

Cirrus

Mar 23, 2017

X-Forwarded-For through proxy and F5

My organization recently got the ASM module when they purchased a pair of 5250Vs. I've never used ASM before and we don't have anyone in our organization that has either, so I'm learning on the fly. ...

Cirrus

Mar 27, 2017

The below code will check for X-Forwarded-For header. If id does not exist it will grab the client address and insert X-Forwarded-For Header in the request.

i.e if proxy already inserted X-Forwarded-For no need to worry as it will have the client IP. If not coming through proxy, insert XFF header with the client IP. Will this help ? Bit modified from Soda's iRule.

when HTTP_REQUEST {     
        if {not ([HTTP::header exists "X-Forwarded-For"])} {
          set XFF [IP::remote_addr]
          HTTP::header insert "X-Forwarded-For" $XFF
        }
 }

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

X-Forwarded-For through proxy and F5

Recent Discussions

Problem with lets encrypt and redirect after update

Should config via cli rather than gui?

Is a Dedicated Interface, VLAN, and Self IP Required for a VIP in an F5 Configuration?

question about getting hsl data to be formatted properly in splunk

iRule for client certificate verification and inserting CN

Related Content

Extracting X-Forwarded-For in Node.js

TCP Option 28 X-Forwarded-For Header

Restricting Access to Virtual from client IP address in X-Forwarder-For HTTP header

X-Forwarded-For Log Filter for Windows Servers

iRule for AFM IP Intelligence security policy to work with HTTP XFF (X-Forwarded-For) headers

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS