Forum Discussion
Daniel_Wolf
Feb 15, 2021MVP
Hi,
how about using an Access Policy Agent event for per-request policy in an iRule. Here is an example iRule.
when HTTP_REQUEST {
if { [HTTP::header values "X-Forwarded-For"] ne "" } {
log local0. "X-Forwarded-For: [HTTP::header X-Forwarded-For]"
set clientip [getfield [HTTP::header X-Forwarded-For] "," 1]
}
}
when ACCESS_PER_REQUEST_AGENT_EVENT {
if { [ACCESS::perflow get perflow.irule_agent_id] eq "EVENT_NAME" } {
ACCESS::perflow set perflow.custom $clientip
}
}
This will check if the header is set and if it exists it will write the IP to a variable and also will log it to /var/log/ltm.
Then, once matching an Access Policy Agent event for per-request policies (in this example the event is called EVENT_NAME) it will reuse this variable and write to IP the to perflow.custom variable. This perflow variable you could use as a gating category.