Erick_Hammersm1
Historic F5 Account
Feb 02, 2007

How to replace only second instance of header?

I'm trying to write a rule that will take an HTTP request that contains two "X-Forwarded-For" headers and rename only the second one. Is there any way to accomplish this in v9.1.2? I can get it done with "HTTP::header values", but v9.4 is not an option for these devices right now.

2 Replies

  • Try the getfield command:

    getfield

    I am not sure of the separator of the host header string (replace ":" with the appropriate separator) and use 2 for the field_number

    when HTTP_REQUEST {
      [getfield [HTTP::header] ":" 2]
    }


  • Erick_Hammersm1
    Historic F5 Account
    Thanks for the replies. Unfortunately, [HTTP::header] isn't valid syntax. You have to pass it the name of the header you want to process, and it only ever returns the first header with that name (this was resolved in v9.4 with "HTTP::header values", which returns all values for a header). If I was using v9.2, I could use "HTTP::request" to get the whole request and parse out the headers I'm looking for, but I need a solution for v9.1.2.

    Fortunately, I was able to attack my problem from another angle. The initial problem statement was "modify a request's second X-Forwarded-For" header, but it turned out that the last X-Forwarded-For header was being inserted by the BIG-IP's HTTP profile. Turning off the X-Forwarded-For functionality in the profile let me add smarter functionality in the rule:

    when HTTP_REQUEST {
      if { [HTTP::header exists X-Forwarded-For] } {
        HTTP::header insert Akamai-Peer-IP [IP::remote_addr]
      } else {
        HTTP::header insert X-Forwarded-For [IP::remote_addr]
      }
    }
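
A variant of the rule above that does not treat the mere presence of X-Forwarded-For as proof that the request arrived through Akamai, since any client can send that header. This is an added example, not the poster's code: `trusted_edges` is a hypothetical address data group listing the edge peers, the profile's X-Forwarded-For option is assumed to stay off, and `matchclass` and `HTTP::header remove` are assumed to behave on v9.1.2 as they do in later 9.x releases.

```tcl
# Added example (not from the original thread).
# Assumption: "trusted_edges" is an address data group you define that
# lists the CDN edge peers allowed to supply X-Forwarded-For.
when HTTP_REQUEST {
  # Akamai-Peer-IP is owned by this rule, so discard any copy the client
  # sent. The loop makes the result independent of whether "remove"
  # strips one occurrence or all of them.
  while { [HTTP::header exists Akamai-Peer-IP] } {
    HTTP::header remove Akamai-Peer-IP
  }

  if { [matchclass [IP::remote_addr] equals $::trusted_edges] } {
    # Peer is a known edge: keep its X-Forwarded-For and record which
    # edge relayed the request.
    HTTP::header insert Akamai-Peer-IP [IP::remote_addr]
    if { ![HTTP::header exists X-Forwarded-For] } {
      HTTP::header insert X-Forwarded-For [IP::remote_addr]
    }
  } else {
    # Direct connection: any X-Forwarded-For here is client-supplied, so
    # replace it with the address the BIG-IP actually sees.
    while { [HTTP::header exists X-Forwarded-For] } {
      HTTP::header remove X-Forwarded-For
    }
    HTTP::header insert X-Forwarded-For [IP::remote_addr]
  }
}
```

With this in place, a backend can rely on Akamai-Peer-IP being set only by the BIG-IP, and on X-Forwarded-For coming either from a listed edge or from the BIG-IP itself.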