iRule to SNAT only for requests sent to specific destination.

Question

Obligatory, newish to iRule. Wondering if this iRule will take any requests from 1.1.1.1 destined for IP specified in "remote_net" class will and SNAT them, otherwise no SNAT. I think this will work, just looking for confirmation.
when CLIENT_ACCEPTED {  
    if { ([class match [IP::client_addr] equals 1.1.1.1]) and ([class match [IP::remote_addr]   equals remote_net]) } {
        snatpool snatpool_remote  
    }  
}

faruk_aydin · Answer

do not use "class match" in the first part of your "if" clause. Use "IP:addr" command:
when CLIENT_ACCEPTED {  
    if { ([IP::addr [IP::client_addr] equals 1.1.1.1]) and ([class match [IP::remote_addr] equals remote_net]) } {
        snatpool snatpool_remote  
    }  
}

Forum Discussion

iRule to SNAT only for requests sent to specific destination.

1 Reply

Recent Discussions

Advise on setting up IRULE

google autenticator broken barcode

Port Group on F5OS network setting

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Unwinding the Benefits of Investing in White Label Crypto Wallet

Related Content

Distributed caching of authentication requests with NGINX Ingress Controller

Logging DNS Requests

How can I redirect an HTTP request to a Proxy and change the Destination?

Different policies same destination and pool

Block destination IP by source IP