Forum Discussion
Jan 02, 2015
Your iRule logs the source IP address derived from the header of the incoming IP datagram.
If the original client IP address is modified (i.e. due to hiding NAT of your clientside firewall or by your internet router) you will log the NAT address, as you already noticed. If your client´s request is forwared by a proxy you can check for the so called X-Forwarded-For http-header. Perhaps the proxy is inserting this header with the value of the original client IP address. So if your virtual server has an http-profile assigned you may add the following section to your iRule:when HTTP_REQUEST {
if {[HTTP::header exists X-Forwarded-For]}{
log local0. "client ip from xff-header: <[HTTP::header value X-Forwarded-For]>"
}
}
Please run "tail -f /var/log/ltm" to monitor your log file.