IP::addr¶
Description¶
Performs comparison of IP address/subnet/supernet to IP
address/subnet/supernet, or parses 4 binary bytes into an IPv4 dotted
quad address
Syntax¶
IP::addr <addr1>[/<mask>] equals <addr2>[/<mask>]
IP::addr parse [-swap] <binary field> [<offset>]
IP::addr <addr1> mask <mask>
v11 Additions/Changes:
IP::addr parse [-ipv6|-ipv4 [-swap]] <bytearray> [<offset>]
IP address comparison¶
Performs comparison of IP address/subnet/supernet to IP
address/subnet/supernet.
Returns 0 if no match, 1 for a match.
Use of IP::addr is not necessary if the class (v10+)
or matchclass (v9) command is used to perform
the address-to-address comparison.
Does NOT perform a string comparison. To perform a literal string
comparison, simply compare the 2 strings with the appropriate operator
(equals, contains, starts_with, etc) rather than using the IP::addr
comparison.
For versions 10.0 - 10.2.1, use the “slash notation” such as “/16” or
“/24” instead of dotted decimal for the netmask like “/255.255.255.0”.
The latter dotted decimal netmask notation passes iRule validation in
versions 10.0 - 10.2.1, but does not reliably work. You can, however,
specify the IP and mask as follows: “10.1.1.0 mask 255.255.255.0” (no
slash at all with double quotes). The dotted decimal notation for / is
restored in version 10.2.2. (bug id 347628)
IP address parsing (10.2.0-HF2 or higher only)¶
Parses the value in <binary field> into an IPv4 dotted quad address,
starting at the given offset in bytes. The value of binary
field must be 4 or more binary bytes intended to be parsed as an IP
address. If the -swap option is specified, network byte order
conversion is performed on the bytes before parsing the address.
Network ID Query¶
Calculates the network ID of the given IP address and netmask for use
in such constructs as switch statements.
Route Domains¶
The address parameter does not pick up the partition default Route
Domain. This is ID476920. When matching an address with a Route
Domain, the Route Domain must be specified.
Examples¶
To perform comparison of IP address 10.10.10.1 with subnet 10.0.0.0.
(Will return 1, since it is a match.)
[IP::addr 10.10.10.1 equals 10.0.0.0/8]
To perform comparison of client-side IP address with subnet 10.0.0.0.
(Will return 1 or 0, depending on client IP address.)
[IP::addr [IP::client_addr]/8 equals 10.0.0.0]
or:
[IP::addr "10.0.0.0 mask 255.0.0.0" equals [IP::client_addr]]
[IP::addr 10.42.2.0/24 equals 10.42.2.1]: 1
[IP::addr 10.42.2.2 equals 10.42.2.0/24]: 1
[IP::addr "10.42.2.0 mask 255.255.255.0" equals 10.42.2.1]: 1
[IP::addr 10.42.2.2 equals "10.42.2.0 mask 255.255.255.0"]: 1
To select a specific pool for a specific client IP address.
when CLIENT_ACCEPTED {
if { [IP::addr [IP::client_addr] equals 10.10.10.10] } {
pool my_pool
}
}
To perform a comparison of IP address 10.10.10.1 with a list of
addresses in a Data Group List, use class (v10) or
matchclass (v9) instead:
[class match 10.10.10.1 equals client_ip_class]
or
[matchclass 10.10.10.1 equals myIPs]
To validate an IP address, you can use catch statement (by natty76)
set a "1.1.1.1"
log local0. "catch $a => [catch {IP::addr $a mask 255.255.255.255} ]"
set a "256.256.256.256"
log local0. "catch $a => [catch {IP::addr $a mask 255.255.255.255} ]"
To convert 4 binary bytes into an IPv4 address (10.2.0-HF2 or higher
only):
when CLIENT_ACCEPTED {
set input_option [TCP::option get 28]
# since the option kind 28 data begins with a 1-byte version code,
# and we just want the address that follows it, use offset 1
set forwarded_ip [IP::addr parse $input_option 1]
log local0. "The IP address was $forwarded_ip"
}
To use a switch statement to utilize different networks:
when HTTP_REQUEST {
switch [IP::addr [IP::client_addr] mask 255.255.255.0] {
"10.10.4.0" -
"192.168.4.0" {
pool pool_http_server_1
}
default {
reject
}
}
}