Forum Discussion

Nimbostratus

Jun 08, 2017

Remove additional IP from XFF HTTP Header

I setup an LTM VIP with an iRule to XFF the client_addr in the HTTP header to destination but the traffic goes through a WAF. The WAF is adding a second IP to the HTTP Header which is the Float IP of...

application delivery

iRules

Morten_Marstran

Nimbostratus

Do you have control of all these devices? If so, is there any reason why you cannot remove the functionality that is inserting an XFF header on the WAF?

That way, you would only have the original client ip in the XFF header.

Morten_Marstran

Nimbostratus

Jun 13, 2017

Hi,

You could try this iRule on the backend LTM VIP. I haven't tested it, but it should work, as long as the ip's are split by a ","

when HTTP_REQUEST {
    if { [HTTP::header exists "X-Forwarded-For"] } {
        set original_ip [getfield [HTTP::header "X-Forwarded-For"] "," 1]
        HTTP::header replace "X-Forwarded-For" original_ip
    }
}

Forum Discussion

Remove additional IP from XFF HTTP Header

Recent Discussions

F5Access | MacOS Sonoma

AS3 Deployments (shared objects)

Inquiry on F5's Maintenance Mode Feature for Pool Members

Ansible modules for F5OS

VPN fragmented IP packets dropped

Related Content

Remove the "Server" header

Remove X- Headers From Web Server Response

iRule to Remove Duplicate Header by Value

Re: F5 XC Distributed Cloud HTTP Header manipulations and matching of the client ip/user HTTP header

Remove Quotation marks