Nimbostratus
AltostratusThere are several other ways you could tackle this problem.
I think the simplest is to enable the "Insert X-Forwarded-For" in the http profile attached to your virtual server. Doing this, you will be able to parse the web servers' log files for the clients you are interested in.
Alternatively, you can add a simple irule to the virtual which logs to the BigIP itself, then you can log in the /var/log/ltm:
ltm data-group internal big-customer-class {
records {
10.1.2.3/32 { }
10.2.3.4/32 { }
10.3.4.5/32 { }
10.4.5.6/32 { }
}
type ip
}
ltm rule log-big-customers-rule {
when HTTP_REQUEST {
if { [class match [IP::client_addr] equals big-customer-class] } {
log "Customer [IP::client_addr] requested [HTTP::host][HTTP::uri]"
}
}
}
Or, you can do it the way you suggested, create a data-group with the client IPs and the corresponding SNAT addresses:
ltm data-group internal big-customer-class {
records {
10.1.2.3/32 { 192.168.1.1 }
10.2.3.4/32 { 192.168.1.2 }
10.3.4.5/32 { 192.168.1.3 }
10.4.5.6/32 { 192.168.1.4 }
}
type ip
}
ltm rule snat-big-customers-rule {
when HTTP_REQUEST {
if { [class match [IP::client_addr] equals big-customer-class] } {
snat [class match -value [IP::client_addr] equals big-customer-class]
}
}
}