aj1
Dec 02, 2014, Nimbostratus
Thank you for the quick response. I tried the above link, but that is SNATing in the opposite direction (outside client to inside server). I can confirm the same from tcpdump and the logs.
iRule:
    when CLIENT_ACCEPTED {
        # Client-side event: IP::local_addr is the destination address of the connection
        if { [IP::addr [IP::local_addr] equals 172.27.50.5/32] } {
            set is_snat 1
            snat 197.81.211.230
        } elseif { [class match -- [IP::local_addr] equals onCampus_networks] } {
            set is_snat 0
            snat none
        } else {
            set is_snat 1
            snatpool snat_pool
        }
    }
    when SERVER_CONNECTED {
        # Log the translated source only when a SNAT was applied
        if { $is_snat } {
            log local0. "Server [IP::client_addr]:[TCP::client_port] SNATed to [IP::local_addr]:[TCP::local_port] for connecting to [IP::remote_addr]:[TCP::remote_port]"
        }
    }
tcpdump:
tcpdump -nni 0.0 -s0 "(host 172.27.50.5 and icmp)"
16:30:00.904799 IP 198.82.162.116 > 172.27.50.5: ICMP echo request, id 34882, seq 512, length 76 in slot1/tmm2 lis=
16:30:00.904853 IP 197.81.211.230 > 172.27.50.5: ICMP echo request, id 34882, seq 512, length 76 out slot1/tmm2 lis=/Common/vs_wildcard_forwarding
16:30:00.905081 IP 172.27.50.5 > 197.81.211.230: ICMP echo reply, id 34882, seq 512, length 76 in slot1/tmm1 lis=
16:30:00.905951 IP 172.27.50.5 > 198.82.162.116: ICMP echo reply, id 34882, seq 512, length 76 out slot1/tmm2 lis=/Common/vs_wildcard_forwarding
- nitass, Dec 02, 2014, Employee
  In a client-side event such as CLIENT_ACCEPTED, IP::local_addr is the destination IP and IP::remote_addr or IP::client_addr is the source (client) IP. In a server-side event such as SERVER_CONNECTED, IP::local_addr is the source IP (the SNAT'ed IP) and IP::remote_addr or IP::server_addr is the destination (server/pool member) IP.
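
A check for the capture in the first post, as an added example that is not part of the original thread: it pairs the `in` and `out` copy of each ICMP packet in the posted tcpdump lines and reports which address was rewritten and toward which host. The function names are hypothetical, and reading `in`/`out` as the packet entering and leaving the BIG-IP is an assumption about that output format.

```python
import re
from collections import defaultdict

# Capture lines copied from the tcpdump output in the first post.
CAPTURE = """\
16:30:00.904799 IP 198.82.162.116 > 172.27.50.5: ICMP echo request, id 34882, seq 512, length 76 in slot1/tmm2 lis=
16:30:00.904853 IP 197.81.211.230 > 172.27.50.5: ICMP echo request, id 34882, seq 512, length 76 out slot1/tmm2 lis=/Common/vs_wildcard_forwarding
16:30:00.905081 IP 172.27.50.5 > 197.81.211.230: ICMP echo reply, id 34882, seq 512, length 76 in slot1/tmm1 lis=
16:30:00.905951 IP 172.27.50.5 > 198.82.162.116: ICMP echo reply, id 34882, seq 512, length 76 out slot1/tmm2 lis=/Common/vs_wildcard_forwarding
"""

LINE_RE = re.compile(
    r"^\S+ IP (?P<src>\S+) > (?P<dst>[^:\s]+): ICMP echo (?P<kind>request|reply), "
    r"id (?P<id>\d+), seq (?P<seq>\d+), length \d+ (?P<dir>in|out) \S+ lis=(?P<vs>\S*)$"
)

def find_translations(capture):
    """Pair each packet's 'in' and 'out' copy and report address rewrites."""
    packets = defaultdict(dict)
    for line in capture.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # skip anything that is not an annotated ICMP echo line
            packets[(m["kind"], m["id"], m["seq"])][m["dir"]] = m
    results = []
    for (kind, _id, _seq), sides in packets.items():
        if "in" not in sides or "out" not in sides:
            continue  # only one side was captured, nothing to compare
        i, o = sides["in"], sides["out"]
        results.append({
            "kind": kind,
            "source_rewrite": (i["src"], o["src"]) if i["src"] != o["src"] else None,
            "dest_rewrite": (i["dst"], o["dst"]) if i["dst"] != o["dst"] else None,
            "toward": o["dst"],
            "virtual_server": o["vs"],
        })
    return results

def snat_applied_toward(capture, host):
    """True if a request addressed to `host` left with a rewritten source address."""
    return any(r["kind"] == "request" and r["source_rewrite"] and r["toward"] == host
               for r in find_translations(capture))

if __name__ == "__main__":
    for r in find_translations(CAPTURE):
        print(r)
    print("SNAT on traffic toward 172.27.50.5:", snat_applied_toward(CAPTURE, "172.27.50.5"))
```

On the posted capture the source rewrite appears on the request addressed to 172.27.50.5, which matches the iRule's CLIENT_ACCEPTED test on IP::local_addr (the destination on the client side).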