Forum Discussion

John_Ogle_45372's avatar
John_Ogle_45372
Icon for Nimbostratus rankNimbostratus
Aug 20, 2013

snat irule = modification

I recently received some great iRules to work with in a former thread here: https://devcentral.f5.com/questions/snat-irule-needed-11-mappingsanswer78001

 

This is for a non-http vs. If I use this iRule: when CLIENTED_ACCEPTED { switch [IP::client_addr] { "10.10.10.10" { snat 192.169.42.10 } "10.10.10.11" { snat 192.168.42.11 } "10.10.10.12" { snat 192.168.42.12 } "10.10.10.13" { snat 192.168.42.13 } default { snat automap } } }

 

Can I add a log statement like this to send a log entry that correlate the client ip address to the snat address? I didn't see a SNAT command. Also, since this is a switch statement where exactly does the log statement go? log "Customer [IP::client_addr] requested {SNAT::ip_addr]???? --> example here. I dont' know actual snat variable.

 

4 Replies

  • Try this:

    when CLIENTED_ACCEPTED {
        switch [IP::client_addr] {
            "10.10.10.10" { 
                log local0. "Snatting 10.10.10.10 to 192.168.42.10"
                snat 192.169.42.10 
            }
            "10.10.10.11" { 
                log local0. "Snatting 10.10.10.11 to 192.168.42.11"
                snat 192.168.42.11 
            }
            "10.10.10.12" { 
                log local0. "Snatting 10.10.10.12 to 192.168.42.12"
                snat 192.168.42.12 
            }
            "10.10.10.13" { 
                log local0. "Snatting 10.10.10.13 to 192.168.42.13"
                snat 192.168.42.13 
            }
            default { 
                log local0. "Snatting [IP::client_addr] to automap"
                snat automap 
            }
        }
    }
    
  • it is just another example. you may log in SERVER_CONNECTED event.

    e.g.

    root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list ltm rule myrule
    ltm rule myrule {
        when CLIENT_ACCEPTED {
      switch [IP::client_addr] {
        "10.10.10.10" { snat 192.169.42.10 }
        "10.10.10.11" { snat 192.168.42.11 }
        "10.10.10.12" { snat 192.168.42.12 }
        "10.10.10.13" { snat 192.168.42.13 }
        default { snat automap }
      }
    }
    when SERVER_CONNECTED {
      log local0. "client [IP::client_addr]:[TCP::client_port] snat [IP::local_addr]:[TCP::local_port] server [IP::server_addr]:[TCP::server_port]"
    }
    }