Only keep XFF header for specific subnet ranges

Question

Hello&nbsp;We have some external facing virtual servers that have requests coming in from both internal and external sources. What we'd like to do is keep XFF headers only for requests coming in from a set list of internal subnets and remove them for any requests from source IPs not defined in the list. How would we go about achieving this?&nbsp;ThanksAK

swjo · Answer

Hi&nbsp;when HTTP_REQUEST {if { [HTTP::header exists X-Forwarded-For] } {if { [class match [HTTP::header X-Forwarded-For] equals my_external_ip] } {	HTTP::header remove X-Forwarded-For}}else {	return}}&nbsp;I didn`t test this rule. but this form would be work.&nbsp;

swjo · Answer

If it is easy to classify internal Ip, use this rule little switching.

Forum Discussion

Only keep XFF header for specific subnet ranges

2 Replies

Recent Discussions

BIG-IP DNS iRule issue with static variable

Using okta as SSO to login F5 GUI

(How) can I get two client certificates in one APM session?

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Disk space full - what files, folders are safe to delete?

Related Content

OCSP HTTP Header Specification/Example or field name of EDIPI?

Using Client Subnet in DNS Requests

ASM irule to disable attack signature authorization header with specific value

Re: F5 XC Distributed Cloud HTTP Header manipulations and matching of the client ip/user HTTP header

HTTP Monitor cURL GET With Host Specific Headers