So let say you have traffic hitting a f5 VirtualServer, but you want to find out what/who is hitting it and what URI they are asking for, you can do a log Statement inside a iRule defining what you want to log ( src addr, host_header URI )
e.g
ltm rule HOSTSWITCHER {
when HTTP_REQUEST {
switch [HTTP::host] {
"mysite.mydomain.com" {
persist cookie insert "c00k3yM0nst3r" "7d 00:00:00"
log local0. " The site name [HTTP::host] and uri [HTTP::uri] is hitting the mysite.mydomain.com"
pool mysite.mydomain.com_pool
}
default {
log local0. " The site name [HTTP::host] and uri [HTTP::uri] and client's address [IP::client_addr] is hitting the default"
persist cookie insert "de3fAUlt" "1d 00:00:00"
pool default_pool
}
}
}
}
This helps to find DNS entries that could be lefted over and pointing to your public address. By generating a log message for the host and|or URI you can easily debugged left over or bad configurations.
The f5 logs for ltm will show something similar ;
e.g
ltm rule HOSTSWITCHER {
when HTTP_REQUEST {
switch [HTTP::host] {
"mysite.mydomain.com" {
persist cookie insert "c00k3yM0nst3r" "7d 00:00:00"
log local0. " The site name [HTTP::host] and uri [HTTP::uri] is hitting the mysite.mydomain.com"
pool mysite.mydomain.com_pool
}
default {
log local0. " The site name [HTTP::host] and uri [HTTP::uri] and client's address [IP::client_addr] is hitting the default"
persist cookie insert "de3fAUlt" "1d 00:00:00"
pool default_pool
}
}
}
}
This helps to find DNS entries that could be lefted over and pointing to your public address. By generating a log message for the host and|or URI you can easily debugged left over or bad configurations.
The f5 logs for ltm will show something similar ;
No comments:
Post a Comment