Forum Discussion
hooleylist
Nov 18, 2009Cirrostratus
You're running 9.2?! You should upgrade when you have a chance as that is old and unsupported. 9.4.x or 10.x have a lot of stability and security enhancements over 9.2.
Here is an example iRule which can be used on a performance layer4 VIP to look up the client's destination IP:port against a string datagroup (or a TCL list in this example) and translate the destination IP and port using the findclass and node commands. Make sure (destination) address and port translation are enabled on the VIP. Make sure to use a string datagroup and disable/comment out the logging once you're done testing.
when RULE_INIT {
Replace this test TCL list with a "string" type datagroup
and then delete the RULE_INIT event
set destination_translations_class [list \
"10.2.135.100:80 192.168.135.100:8080" \
"10.2.135.101:8080 192.168.135.101:8888" \
]
}
when CLIENT_ACCEPTED {
log local0. "[IP::client_addr]:[TCP::client_port]: New TCP connection to [IP::local_addr]:[TCP::local_port]"
Look up the destination address:port in a datagroup
set dest [findclass [IP::local_addr]:[TCP::local_port] $::destination_translations_class " "]
log local0. "[IP::client_addr]:[TCP::client_port]: Matched \$dest: $dest"
Check if there was a match
if {$dest ne ""}{
log local0. "[IP::client_addr]:[TCP::client_port]: Using node [split $dest ":"]"
Set the destination IP and port using the node command
node [split $dest ":"]
}
}
Aaron