APM set x-forward-for ip as perflow.client.ip.address

Question

hii need to set the x-forwrd-for ip as perflow.client.ip.address value.i have enabled accept x-forward for in http profile, but still perflow.client.ip.address get the actual client ip.&nbsp;how can i achieve this.&nbsp;

daniel_wolf · Answer

Hi,how about using an Access Policy Agent event for per-request policy in an iRule. Here is an example iRule.when HTTP_REQUEST {
    if { [HTTP::header values "X-Forwarded-For"] ne "" } {
        log local0. "X-Forwarded-For: [HTTP::header X-Forwarded-For]"
        set clientip [getfield [HTTP::header X-Forwarded-For] "," 1]
    }
}
&nbsp;
when ACCESS_PER_REQUEST_AGENT_EVENT {
    if { [ACCESS::perflow get perflow.irule_agent_id] eq "EVENT_NAME" } {
        ACCESS::perflow set perflow.custom $clientip  
    }
}This will check if the header is set and if it exists it will write the IP to a variable and also will log it to /var/log/ltm.Then, once matching an Access Policy Agent event for per-request policies  (in this example the event is called EVENT_NAME) it will reuse this variable and write to IP the to perflow.custom variable. This perflow variable you could use as a gating category.

ragunath154 · Answer

&nbsp; thanks it working as excepted.

Forum Discussion

APM set x-forward-for ip as perflow.client.ip.address

2 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

X-Forwarded-For on L4 VS

TCP Option 28 X-Forwarded-For Header

Extracting X-Forwarded-For in Node.js

iRule for AFM IP Intelligence security policy to work with HTTP XFF (X-Forwarded-For) headers

Restricting Access to Virtual from client IP address in X-Forwarder-For HTTP header