cancel
Showing results for 
Search instead for 
Did you mean: 

iRules: Putting the source port of a client in a HTTP header to a backend for logging

René_Posthumus
Nimbostratus
Nimbostratus

Hi everybody,

 

I'm up to a challenge. We need to be able to record the source IP and port of a client to do some extra logging, but i'm missing something, or maybe it's not possible at all. I got this far that i'm able to log the source port to the local log, but the variable it is stored in, looks unavailable to the HTTP_REQUEST event but only to the SERVER_CONNECTED event. Is there any way to accomplish the thing i need using iRules?

 

The current rule:

 

when SERVER_CONNECTED {   set clientsourceport [TCP::client_port]   set curtime [clock seconds]   set formattedtime [clock format $curtime -format {%T} ]   set client_ip [IP::client_addr]      log local0. "Connection on $formattedtime from $client_ip with source port $clientsourceport."   }    when HTTP_REQUEST {   HTTP::header insert X-Client-Source-Port "$clientsourceport"   log local0. "Request headers [HTTP::request]" }

Results in  <HTTP_REQUEST> - can't read "clientsourceport": no such variable   while executing "HTTP::header insert X-Client-Source-Port "$clientsourceport""

 

Does anyone have a solution to this?

 

Regards,

René

 

1 REPLY 1

René_Posthumus
Nimbostratus
Nimbostratus

Figured out myself using some other posts, i had to use CLIENT_ACCEPTED instead of SERVER_CONNECTED event. Now it works fine! 😀

 

So to be complete, this is the code:

 

when CLIENT_ACCEPTED { set clientsourceport [TCP::client_port] set curtime [clock seconds] set formattedtime [clock format $curtime -format {%T} ] set client_ip [IP::client_addr] log local0. "Connection on $formattedtime from $client_ip with source port $clientsourceport." } when HTTP_REQUEST { HTTP::header insert X-Client-Source-Port "$clientsourceport" log local0. "Request headers [HTTP::request]" }