Forum Discussion

Sean_Phillips_1
Feb 05, 2013

Help! Header Insert Not Working~

I tried as many ways as I can think of to get the remote IP address of the requesting client inserted into the header and cannot seem to get it working. I wiresharked it and I can get it listed in the cookie but not as a field in the header. What am I doing wrong? Below I created an iRule using many methods to see which one worked. Can someone look and give your thoughts? NOTE: this rule has multiple methods; I was trying everything.

    when CLIENT_ACCEPTED {
       set client_src_ip_v0 [ IP::remote_addr ]
    }

    when HTTP_REQUEST {
       HTTP::header insert CLT_SRC_IP_v0 $client_src_ip_v0
       HTTP::header insert CLT_SRC_IP_v1 [IP::remote_addr]
       HTTP::header insert lws CLT_SRC_IP_v2 [IP::remote_addr]
       HTTP::header insert X-Forwarded-For [IP::remote_addr]
       HTTP::header insert_modssl_fields addr addr addr
       log local0. "X-Forward IP: [HTTP::header values "X-Forwarded-For"]"
       log local0. "Client IP: [IP::remote_addr]"
    }

Thanks

 

8 Replies

  • All of those methods should work. Where are you looking for the header? It should be arriving at the server. You won't see it on the client side.
  • Can you insert any other arbitrary header in the HTTP_REQUEST and see it at the server?

    Try 'HTTP::header replace'.
  • I'd suggest you remove the white space from this line: set client_src_ip_v0 [ IP::remote_addr ] so it's: set client_src_ip_v0 [IP::remote_addr]

    Then add a log message in that event as follows: log local0. "$client_src_ip_v0" to ensure that's working.

    Also, why are you using [IP::remote_addr] later in the rule when you've set a variable for it earlier?

    If that's all OK, try commenting out all but the first header insert and doing your capture again, and then adding them back one by one.

    +Plus what Kevin said! =]

  • All of those above choices should have worked. Alternatively, there should be an option in the HTTP profile called "Insert X-Forwarded-For". Just setting that to enabled should do what you are looking for.

    But if your above iRule isn't inserting headers at all, there may be other configuration issues going on. Have you opened a case with support?

  • Have you tried tcpdump on bigip?

    e.g.

    [root@ve10:Active] config  b virtual bar list
    virtual bar {
       snat automap
       pool foo
       destination 172.28.19.252:80
       ip protocol 6
       rules myrule
       profiles {
          http {}
          tcp {}
       }
    }
    [root@ve10:Active] config  b pool foo list
    pool foo {
       members 200.200.200.101:80 {}
    }
    [root@ve10:Active] config  b rule myrule list
    rule myrule {
       when CLIENT_ACCEPTED {
       set client_src_ip_v0 [ IP::remote_addr ]
    }
    
    when HTTP_REQUEST {
       HTTP::header insert CLT_SRC_IP_v0 $client_src_ip_v0
       HTTP::header insert CLT_SRC_IP_v1 [IP::remote_addr]
       HTTP::header insert lws CLT_SRC_IP_v2 [IP::remote_addr]
       HTTP::header insert X-Forwarded-For [IP::remote_addr]
       HTTP::header insert_modssl_fields addr addr addr
       log local0. "X-Forward IP:  [HTTP::header values "X-Forwarded-For"]"
       log local0. "Client IP:  [IP::remote_addr]"
    }
    }
    
     tcpdump
    
    [root@ve10:Active] config  ssldump -Aed -nni 0.0 port 80
    New TCP connection 1: 172.28.19.251(48890) <-> 172.28.19.252(80)
    1360482736.7723 (0.0011)  C>S
    ---------------------------------------------------------------
    GET /something HTTP/1.1
    User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
    Host: 172.28.19.252
    Accept: */*
    
    ---------------------------------------------------------------
    
    New TCP connection 2: 200.200.200.10(48890) <-> 200.200.200.101(80)
    1360482736.7743 (0.0010)  C>S
    ---------------------------------------------------------------
    GET /something HTTP/1.1
    User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
    Host: 172.28.19.252
    Accept: */*
    CLT_SRC_IP_v0: 172.28.19.251
    CLT_SRC_IP_v1: 172.28.19.251
    CLT_SRC_IP_v2: 172.28.19.251
    X-Forwarded-For: 172.28.19.251
    ClientIPAddress: 172.28.19.251
    
    ---------------------------------------------------------------
    
     /var/log/ltm
    
    [root@ve10:Active] config  tail -f /var/log/ltm
    Feb 10 15:51:51 local/tmm notice tmm[4884]: 013e0001:5: Tcpdump starting bcast on :::0 from 127.1.1.1:42237
    Feb 10 15:52:16 local/tmm info tmm[4884]: Rule myrule : X-Forward IP:  172.28.19.251
    Feb 10 15:52:16 local/tmm info tmm[4884]: Rule myrule : Client IP:  172.28.19.251
    Feb 10 15:52:19 local/tmm notice tmm[4884]: 013e0002:5: Tcpdump stopping on 127.1.1.2:34967 from 127.1.1.1:42237
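
To make the client-side versus server-side distinction raised in the replies checkable, the following added example (not from the thread or from F5) parses `ssldump -Aed` style output and lists the request headers that appear on the pool-member flow but not on the virtual-server flow. The function names and the trimmed sample capture are constructed for illustration; the addresses mirror the capture above.

```python
import re
from collections import Counter

# Constructed sample: same layout as the `ssldump -Aed` capture in the thread, trimmed.
SAMPLE = """\
New TCP connection 1: 172.28.19.251(48890) <-> 172.28.19.252(80)
1360482736.7723 (0.0011)  C>S
---------------------------------------------------------------
GET /something HTTP/1.1
Host: 172.28.19.252

---------------------------------------------------------------
New TCP connection 2: 200.200.200.10(48890) <-> 200.200.200.101(80)
1360482736.7743 (0.0010)  C>S
---------------------------------------------------------------
GET /something HTTP/1.1
Host: 172.28.19.252
CLT_SRC_IP_v0: 172.28.19.251
X-Forwarded-For: 172.28.19.251

---------------------------------------------------------------
"""

CONN = re.compile(r"New TCP connection (\d+): \S+ <-> (\S+)\(\d+\)")
HEADER = re.compile(r"([\w-]+):\s*(.*)")

def parse_requests(dump):
    """One dict per TCP connection with the client-to-server headers it carried."""
    conns, payload, direction = [], False, None
    for line in map(str.strip, dump.splitlines()):
        if m := CONN.match(line):
            conns.append({"id": int(m[1]), "dst": m[2], "headers": []})
            payload = False
        elif line and set(line) == {"-"}:
            payload = not payload      # dashed rules open and close a payload
        elif not payload and line[-3:] in ("C>S", "S>C"):
            direction = line[-3:]      # record line: timestamp plus direction
        elif conns and payload and direction == "C>S" and (h := HEADER.fullmatch(line)):
            conns[-1]["headers"].append((h[1], h[2]))
    return conns

def added_by_proxy(dump, vip, pool_member):
    """Headers on the server-side flow that the client-side flow did not carry."""
    conns = parse_requests(dump)
    sent = Counter(h for c in conns if c["dst"] == vip for h in c["headers"])
    got = Counter(h for c in conns if c["dst"] == pool_member for h in c["headers"])
    return sorted((got - sent).elements())
```

An empty result from `added_by_proxy` for a capture that includes the pool-member flow means the inserts are not reaching the server; a capture with no pool-member flow at all was taken on the client side only.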