Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

How can I use an irule to send the client's source IP over HSL without sending everything else?

Go to solution
Wasfi_Bounni
Cirrocumulus
Cirrocumulus

‎05-Nov-2020 04:50

Hi;

 

My question is related to the i-rule below. How can I define a HSL publisher with a filter and avoid sending all types of messages associated with that filter so that only a message showing the client source IP and source port is sent to the syslog server? I just don't want to log anything else relating to all other services and message ids.

 

Kindly

Wasfi

 

when CLIENT_ACCEPTED {

set hsl [HSL::open -publisher $static::general_remote_syslog_publisher]

HSL::send $hsl "Client connect from [IP::client_addr]:[TCP::client_port]"

}

 

 

 

 

 

 

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
PeteWhite
F5 Employee
F5 Employee

‎09-Nov-2020 07:20 - last edited on ‎04-Jun-2023 21:12 by Fog

Not too sure quite what you want but you can use the HSL command to create the HSL connection directly instead of going through a publisher: https://clouddocs.f5.com/api/irules/HSL__open.html

when CLIENT_ACCEPTED {
  set hsl [HSL::open -proto UDP -pool <HSL pool>]
  HSL::send $hsl "Client connect from [IP::client_addr]:[TCP::client_port]"
}

View solution in original post

0 Kudos
4 REPLIES 4

Go to solution
PeteWhite
F5 Employee
F5 Employee

‎09-Nov-2020 07:20 - last edited on ‎04-Jun-2023 21:12 by Fog

Not too sure quite what you want but you can use the HSL command to create the HSL connection directly instead of going through a publisher: https://clouddocs.f5.com/api/irules/HSL__open.html

when CLIENT_ACCEPTED {
  set hsl [HSL::open -proto UDP -pool <HSL pool>]
  HSL::send $hsl "Client connect from [IP::client_addr]:[TCP::client_port]"
}
0 Kudos

Go to solution
boneyard
MVP
MVP
In response to PeteWhite

‎15-Nov-2020 07:03

did the answer by Pete work for you Wasfi Bounni? if so please flag question as answered.

0 Kudos

Go to solution
Wasfi_Bounni
Cirrocumulus
Cirrocumulus
In response to PeteWhite

‎15-Nov-2020 12:44

Thank you Sir.

0 Kudos

Go to solution
Latchezar_Dimov
Nimbostratus
Nimbostratus
In response to PeteWhite

‎09-Feb-2022 04:57

Hello Pete,

Do I need to add more rows (like below) in order to collect the client IP or your rule do it? Our goal is to send the client IP over HSL for ldap service with SNAT.

example:
when SERVER_CONNECTED {
set client "[IP::client_addr]:[TCP::client_port]"
set snat "[IP::local_addr]:[TCP::local_port]"
set node "[IP::server_addr]:[TCP::server_port]"
}

0 Kudos
Copyright © 2023 Khoros, LLC