Forum Discussion

F5Hopper_28651's avatar
F5Hopper_28651
Icon for Nimbostratus rankNimbostratus
Aug 15, 2016

Geolocation irule for states

so I have read many irules on the dev site, creating mine.

when HTTP_REQUEST {
    if { ([string tolower [HTTP::uri]] starts_with "/testingpage") } {
     Parse the client IP from the CDN header
        set client_ip [HTTP::header value "Client-IP"]
    if { $client_ip eq "" }{
     The header was empty/did not exist, so use the actual client IP
        set client_ip [IP::client_addr]
}
    set state [string tolower [whereis $client_ip abbrev]]
    switch $state {
    "NJ" -
    "ID" {
        HTTP::respond 200 content "Your IP IS from NJ or ID"
    } 
    default {
         Redirect all others
       set state [whereis $client_ip abbrev]
       HTTP::respond 200 content "Your IP IS NOT NJ or ID you is $state"
        }
        }
    }
}

my issues is that I get no return state result. just says "Your IP IS NOT NJ or ID you is " and nothing after that...

when i check the local CLI I get.

[admin@BIG-IP-VE-LAX01-POC:Active:Standalone] ~  geoip_lookup 148.74.227.1
Will attempt to lookup ip '148.74.227.1'
No database specified.
opening database in /usr/share/GeoIP/v2/F5GeoIP.dat
size of geoip database = 32235638, segments = 12797693, version = Copyright (c) F5 Networks Inc, All Rights Reserved GEOIP2 v1, 20160303
geoip_seek = 00e102c4
geoip record ip = 148.74.227.1
country_code = US
country_name = United States
region_name = New Jersey
continent_code = NA

any ideas whats going on?

  • Simple mistake, (I've done it myself) : set state [string tolower [whereis $client_ip abbrev]]

    switch $state {
    "NJ" -
    "ID" {
    
    string tolower will never have a "NJ" or "ID" result,
    

    try "nj" or "id"

    🙂

  • set state [string tolower [whereis $client_ip abbrev]]
    switch $state {
    "NJ" -
    "ID" 
    

    Change to

    set state [string tolower [whereis $client_ip abbrev]]
    log local0. "Lowercase state is $state"
    switch $state {
    "nj" -
    "id" 
    
    And then tail -f /var/log/ltm to see what the F5 is picking up as state (if anything)
    
    BR
    
  • I have changed my rule a little and got it to work.

    when HTTP_REQUEST {
        if { ([string tolower [HTTP::uri]] starts_with "/testingpage") } {
          Parse the client IP from the CDN header
            set client_ip [HTTP::header value "Client-IP"]
            if { $client_ip eq "" }{
         The header was empty/did not exist, so use the actual client IP
        set client_ip [IP::client_addr]
    }
        switch [whereis $client_ip abbrev] {
        "NJ" -
        "ID" {
            HTTP::respond 200 content "Your IP IS from NJ or ID"
        }
        default {
           set state [whereis $client_ip abbrev]
           log local0. "Lowercase state is $client_ip"
           HTTP::respond 200 content "Your IP IS NOT NJ or ID you is $state"
          }
         }
        }
    }
    

    but I found a new issue, that is that I have a front end with imperva for security, the $client_ip always comes back with their IP. its like a huge proxy... but on my webserver I do see the client IPs using xforward...so Im not sure what to do.

  • ok I figured it all out.. Imperva/Incapsula has added another header it passes its original client ip in called [HTTP::header "Incap-Client-IP"]

    when HTTP_REQUEST {
    if { ([string tolower [HTTP::uri]] starts_with "/testingpage") } {
             Parse the client IP from the CDN header
            set client_ip [HTTP::header "Incap-Client-IP"]
            log local0. "XFF: [HTTP::header "Incap-Client-IP"]"
    if { $client_ip eq "" }{
         The header was empty/did not exist, so use the actual client IP
        set client_ip [IP::client_addr]
    }
    switch [whereis $client_ip abbrev] {
        "NJ" -
        "ID" {
            HTTP::respond 200 content "Your IP IS from NJ or ID"
        }
        default {
           set state [whereis $client_ip abbrev]
           log local0. "Lowercase state is $client_ip"
           HTTP::respond 200 content "Your IP IS NOT NJ or ID you is $state"
        }
      }
     }
    }
    
    • janholtz_40468's avatar
      janholtz_40468
      Icon for Nimbostratus rankNimbostratus

      Glad you got it sorted... Remember to comment out log local0.blah...

       

      Extensive logging is good.

       

      Until it isn't.

       

      If you dont need it, switch it off :)

       

  • Hi, I hope someone can help me.

     

    I want to store the geolocation info of a connection coming from an specific state and transfer it via cookie to the web. I have got this irule but doesnt generate the cookie:

     

    when HTTP_REQUEST {

     

    set client_ip [HTTP::header "Incap-Client-IP"] if { $client_ip eq "" }{ The header was empty/did not exist, so use the actual client IP set client_ip [IP::client_addr] set state "[whereis [IP::client_addr] state]" log local0. "Incoming connectionfrom $client_ip and $state" }

     

    when HTTP_RESPONSE {

     

    HTTP::cookie insert name "webserverRESPONSE" value "$state" }

     

    Could anyone help me?