In testing this with a customer who was using Squid, we saw the most recent IP appended to the XFF header. Are you sure you want to take the first IP in the list?
If so, you can use something like this:
when HTTP_REQUEST {
Select the prodpool by default
pool prodpool
Check if XFF header has a value
if {[HTTP::header "X-Forwarded-For"] ne ""}{
Some proxies append their XFF value to any existing XFF header.
Check if XFF header value contains a comma
if {[HTTP::header "X-Forwarded-For"] contains ","}{
Split the XFF header into a list on commas or spaces and take the first element
set xff [lindex [split [HTTP::header value "X-Forwarded-For"] ", "] 0]
} else {
set xff [HTTP::header "X-Forwarded-For"]
}
Check if XFF value is in the class
if {[matchclass $xff equals $::pre_test_address_list]} {
pool dummypool
}
}
}
Aaron