cancel
Showing results for 
Search instead for 
Did you mean: 

Where is a class match list located?

Chris_Olson
Nimbostratus
Nimbostratus

Excuse my ignorance. We created an irule years ago. It has worked well. We are moving data centers and I need to recreate the same. I don't know where to find the "private_net" file listed below. I want to compare that with what our new IP structure will be so I can duplicate.

 

ltm rule selective_snat_internal_nets {

  when CLIENT_ACCEPTED {

  if { [ class match [IP::client_addr] equals private_net] } {

   snat automap

  }

 }

}

 

1 ACCEPTED SOLUTION

Beaker
Cirrus
Cirrus

It is a internal data group that is on the F5 by deafult. It is located under:

iRules>>Data Group List

 

Is basically an address list of the private subnets:

10.0.0.0/8

172.16.0.0/12

192.1468.0.0/16

 

View solution in original post

5 REPLIES 5

It seems to be Data Group file. It can be found under,

System > File Management > Data Group File List.

 

Hope it helps!

 

Mayur

Beaker
Cirrus
Cirrus

It is a internal data group that is on the F5 by deafult. It is located under:

iRules>>Data Group List

 

Is basically an address list of the private subnets:

10.0.0.0/8

172.16.0.0/12

192.1468.0.0/16

 

Chris_Olson
Nimbostratus
Nimbostratus

No luck. I can't even find the /system directory. Does anyone have the FULL path?

If you are trying to see the setting via the terminal

Here is where external data groups Files are stored:

/config/filestore/files_d/Common_d/data_group_d

 

Internal data groups are stored as part of the bigip.conf

you will need to search for ltm data-group internal /Common/<data group name> within the conf file.

 

Through the REST Api you can see the contents from this path

https://<f5.addess>/mgmt/tm/ltm/data-group/internal/

https://<f5.addess>/mgmt/tm/ltm/data-group/external/

 

From there you can drill down further to specific data_groups

Chris_Olson
Nimbostratus
Nimbostratus

Thank you Beaker. This is what I was looking for. Sadly, I still can't find the file yet but we are in managed environment and don't have full access. This is enough for me to point our DC vendor in the right direction.