Product Documentation

Example 1: Delete Old X-Forwarded-For and Client-IP Headers

Example Inc. wants to remove old X-Forwarded-For and Client-IP HTTP headers from incoming requests, so that the only X-Forwarded-For headers that appear are the ones added by the local server. This configuration can be done through the Citrix ADC command line or the configuration utility. The Example Inc. system administrator is an old-school networking engineer and prefers to use a CLI where possible, but wants to be sure he understands the configuration utility interface so that he can show new system administrators on the team how to use it.

The examples below demonstrate how to perform each configuration with both the CLI and the configuration utility. The procedures are abbreviated on the assumption that users will already know the basics of creating rewrite actions, creating rewrite policies, and binding policies.

To delete old X-Forwarded and Client-IP headers from a request by using the command line interface

At the command prompt, type the following commands in the order shown:

add rewrite action act_del_xfor delete_http_header x-forwarded-for
add rewrite action act_del_cip delete_http_header client-ip
add rewrite policy pol_check_xfor 'HTTP.REQ.HEADER("x-forwarded-for").EXISTS' act_del_xfor
add rewrite policy pol_check_cip 'HTTP.REQ.HEADER("client-ip").EXISTS' act_del_cip
bind rewrite global pol_check_xfor 100 200
bind rewrite global pol_check_cip 200 300

To delete old X-Forwarded and Client-IP headers from a request by using the configuration utility

In the Create Rewrite Action dialog box, create two rewrite actions with the following descriptions.

Name Type Argument(s)
act_del_xfor delete_http_header x-forwarded-for
act_del_cip delete_http_header client-ip

In the Create Rewrite Policy dialog box, create two rewrite policies with the following descriptions.

Name Expression Action
pol_check_xfor ‘HTTP.REQ.HEADER(“x-forwarded-for”).EXISTS’ act_del_xfor
pol_check_cip ‘HTTP.REQ.HEADER(“client-ip”).EXISTS’ act_del_cip

Bind both policies to global, assigning the priorities and goto expression values shown below.

Name Priority Goto Expression
pol_check_xfor 100 200
pol_check_cip 200 300

All old X-Forwarded-For and Client-IP HTTP headers are now deleted from incoming requests.