需求:當HTTP請求中包含 X-Forwarded-For 的header, 這個值會被策略替換爲一個單獨的客戶端IP地址。如果沒有 X-Forwarded header, 將添加這個header並且加入客戶端IP地址值。
F5 iRules:
when HTTP_REQUEST {
if {[HTTP::header exists X-Forwarded-For]}{
HTTP::header replace X-Forwarded-For "[HTTP::header X-Forwarded-For], [IP::
client_addr]"
} else {
HTTP::header insert X-Forwarded-For [IP::client_addr]
}
}
NetScaler :
add rewrite action xforward replace HTTP.REQ.HEADER("X-Forwarded-For") CLIENT.IP.SRC
add rewrite policy xforward_check_pol "HTTP.REQ.HEADER(\"X-FORWARDEDFOR\").EXISTS"
add rewrite action xforward_add insert_http_header X-FORWARDED-FOR CLIENT.IP.SRC
add rewrite policy xforward_add_pol "HTTP.REQ.HEADER(\"X-FORWARDEDFOR\").EXISTS.NOT"
xforward_add
全局或者在 vServer 級別綁定