cancel
Showing results for 
Search instead for 
Did you mean: 

Multiple ip's visible in XFF header, would need only the last ip address

bsb
Nimbostratus
Nimbostratus

Hi, have enabled XFF header, but could see more than one ip is reflecting in downstream devices.

we can fix it with iRule, but binding iRules in all the virtual servers increases overhead on CPU/Memory,

is there a way to restrict last know public ip being retained in XFF header.

1 REPLY 1

Hello Bsb.

 

iRules are very efficient, don't worry about performance when you only need to include a XFF header.

 

One solution would be:

when HTTP_REQUEST { HTTP::header remove X-Custom-XFF HTTP::header insert X-Custom-XFF [IP::remote_addr] }

Using the HTTP profile, you could try modifying the XFF header name

See option "XFF Alternative Names".

REF - https://support.f5.com/csp/article/K40243113

 

Regards,

Dario.

Regards,
Dario.