Forum Discussion

Cirrostratus

Nov 07, 2019

Solved

X-Fowraded-For with a UDP profile?

Hey, all. I have a request from a customer that they want to see the originating source IP (i.e. not the IP of the VIP) for logs they are receiving. Currently this is setup using a UDP protocol and U...

application delivery

iRules

LTM

Stephen_Anders1
Nov 07, 2019
In order to have any chance at doing this, you will need to do a stream rewrite or a payload and append operation. Since BigIP doesn't have a protocol parser for UDP, and since Syslog is not a request/response protocol, there are only when CLIENT_DATA events.
You will need to map out the current syslog message format and your rule might look very roughly like:

when CLIENT_DATA {
set sNewMsg "SourceIP:[IP::client_addr]:[UDP::payload]"
UDP::payload replace 0 0 $sNewMsg
}

Stephen_Anders1

Employee

Nov 07, 2019

In order to have any chance at doing this, you will need to do a stream rewrite or a payload and append operation. Since BigIP doesn't have a protocol parser for UDP, and since Syslog is not a request/response protocol, there are only when CLIENT_DATA events.

You will need to map out the current syslog message format and your rule might look very roughly like:

when CLIENT_DATA {

set sNewMsg "SourceIP:[IP::client_addr]:[UDP::payload]"

UDP::payload replace 0 0 $sNewMsg

}

Forum Discussion

X-Fowraded-For with a UDP profile?

Recent Discussions

Find GSLB pool membership from vip IP

Pool Members communication with B-party via F5 VIP

Server 2 causing application slowness

F5Access | MacOS Sonoma

AS3 Deployments (shared objects)

Related Content

SSL Profiles

Server Profile SNI

Update your DevCentral user profile

DoS Profiles

iControl REST Cookbook - Virtual Server Profile (LTM Virtual Profiles)