Wasfi_Bounni
Nov 05, 2020
Solved

How can I use an iRule to send the client's source IP over HSL without sending everything else?

Hi,

My question is related to the iRule below. How can I define an HSL publisher with a filter and avoid sending all types of messages associated with that filter, so that only a message showing the client source IP and source port is sent to the syslog server? I just don't want to log anything else relating to all other services and message IDs.

Kindly,

Wasfi

    when CLIENT_ACCEPTED {
      set hsl [HSL::open -publisher $static::general_remote_syslog_publisher]
      HSL::send $hsl "Client connect from [IP::client_addr]:[TCP::client_port]"
    }


4 Replies

  • Not too sure quite what you want but you can use the HSL command to create the HSL connection directly instead of going through a publisher: https://clouddocs.f5.com/api/irules/HSL__open.html

    when CLIENT_ACCEPTED {
      set hsl [HSL::open -proto UDP -pool <HSL pool>]
      HSL::send $hsl "Client connect from [IP::client_addr]:[TCP::client_port]"
    }
    • boneyard

      Did the answer by Pete work for you, Wasfi Bounni? If so, please flag the question as answered.

    • Latchezar_Dimov

      Hello Pete,

      Do I need to add more rows (like below) in order to collect the client IP, or does your rule do it? Our goal is to send the client IP over HSL for the LDAP service with SNAT.

      Example:

          when SERVER_CONNECTED {
            set client "[IP::client_addr]:[TCP::client_port]"
            set snat "[IP::local_addr]:[TCP::local_port]"
            set node "[IP::server_addr]:[TCP::server_port]"
          }
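
One way to combine the direct `HSL::open` from the accepted answer with the client, SNAT and node values from the follow-up question, so that a SNAT'd connection can be traced back to its real client from a single syslog line. This is an added example, not code posted by anyone in the thread; the pool name `/Common/hsl_syslog_pool`, the `<134>` priority and the `key=value` message layout are assumptions.

```tcl
# Added example, not code from the thread. Assumes a hypothetical pool
# /Common/hsl_syslog_pool whose members are the remote syslog servers.
when CLIENT_ACCEPTED {
    # Open the HSL handle straight to the pool (no log publisher involved),
    # so only the lines sent below reach the syslog server.
    set hsl [HSL::open -proto UDP -pool /Common/hsl_syslog_pool]
    # Capture the client side of the connection before SNAT is applied.
    set client "[IP::client_addr]:[TCP::client_port]"
}

when SERVER_CONNECTED {
    # In the server-side context, local_addr/local_port are the SNAT
    # address and port BIG-IP uses toward the pool member.
    set snat "[IP::local_addr]:[TCP::local_port]"
    set node "[IP::server_addr]:[TCP::server_port]"
    # <134> = syslog facility local0 (16) * 8 + severity info (6).
    HSL::send $hsl "<134>vs=[virtual name] client=$client snat=$snat node=$node\n"
}
```

Because the line is sent from `SERVER_CONNECTED`, one record is produced per server-side connection, which is the point at which the SNAT address and port are known.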