We use the F5 XC and want to bypass the WAF rules if traffic comming from specific IP address in X-forwarder-for field,
X-forwarder-for Field contail Multiple IP address and if any of the IP matches to the list , XC should bypass the WAF rules
E.g. Http header x-forwarded-for : 188.8.131.52; 184.108.40.206 , requirement is to bypass WAF Rule for the IP 220.127.116.11
Solved! Go to Solution.
@vikas_Patil did you manage to make this work?
Maybe to match a specific ip address when there are many in the HTTP XFF header you can use regex. To match a single IP address you can try the regex (1\.1\.1\.1) where 18.104.22.168 is the IP address and soon I will publish an F5 community article about this as I played with the feature a little.
As @Sudhir_Patamsetti mentioned there is this option that I have not used yet but it is interesting if it will work with multiple ip addreesses in the HTTP header. If the rule has the option to select something like "contains" in the value of a specific HTTP header then it shouldn't be an issue. If you see issues you may need to modify your proxy devices to also add another header that has just one ip address and use that in the Distributed Cloud XC rules.