Menu Title

Logging WL-Proxy-Client-IP and X-Forwarded-For to determine Client IP behind F5

In order to determine the client IP that sends requests to a Web Server placed behind an F5 appliance, you can attach this iRule to your virtual server. This iRule logs the requested Client IP address under System > Logs > Local Traffic.

This iRule logs following

  • Client IP address
  • Request URL
  • X-Forwarded-For header value
  • WL-Proxy-Client-IP header value
  • Response Code for Requested URL

—- Code starts

when HTTP_REQUEST {
set LogString “Client [IP::client_addr]:[TCP::client_port] -> [HTTP::host][HTTP::uri]”
log local0. “=============================================”
log local0. “$LogString (request)”
foreach aHeader [HTTP::header names] {
log local0. “$aHeader: [HTTP::header value $aHeader]”
}
log local0. “=============================================”
}
when HTTP_RESPONSE {
log local0. “=============================================”
log local0. “$LogString (response) – status: [HTTP::status]”
foreach aHeader [HTTP::header names] {
log local0. “$aHeader: [HTTP::header value $aHeader]”
}
log local0. “=============================================”
}

—- Code ends

Under System > Logs > Local Traffic, you would see logs similar to one below (sensitive information are hidden)

 

You may also like...

Thank you for visiting us. To continue receiving updates, please Subscribe to our Social Media Channels.