11.3 tmsh cli for irule

I'm not sure if it has to be a one-liner? If not, try using

tmsh edit ltm rule 'name'

yeah - it has to be a one liner..the folks who will be actually executing the change are (unskilled) . would using a unix redirect with the above edit command work?

I've tried everything, can't seem to find a way, sorry.

thanks for looking...

Okay, admittedly this is a little hokey, but it does work:

echo -e "ltm rule /Common/test_rule {\nwhen CLIENT_ACCEPTED {\n   set VirtualIP [IP::client_addr]\n   snat \$VirtualIP\n}\n}" > /var/tmp/test-rule & tmsh load sys config merge file /var/tmp/test-rule

The idea is that it creates a properly formatted iRule in a temporary file (including newlines) and then imports that into the config via merge.

This imports correctly into 11.4.1 HF3 - just dropped the step of adding the variable - not sure if that would work.

[xxxxx@BigIP:Active:Standalone] log tmsh create ltm rule /Common/SNAT2VIP when CLIENT_ACCEPTED {snat [clientside {IP::local_addr}]} [xxxxx@BigIP:Active:Standalone] log tmsh list ltm rule /Common/SNAT2VIP ltm rule SNAT2VIP { when CLIENT_ACCEPTED {snat [clientside {IP::local_addr}]} }

Hope that helps.

Hi ALL,

Actually the command can be multiple liner. Only the issue is: read-ability of the codes are terrible. Example iRules with normally written using iRules Editor:

[root@BigIP:Active:Standalone] config  tmsh list ltm rule Eval_Command
ltm rule Eval_Command {
when HTTP_REQUEST {
 set Command [string map {/ " "} [HTTP::uri]]
 if { $Command eq " " } {
  HTTP::respond 200 content "Usage: /Command/Argument_1/Argument_2/Argument_3/.../Argument_N/\r\n" noserver "Connection" "Close"
 } else {
  HTTP::respond 200 content "$Command\r\n\r\n[eval $Command]\r\n\r\n<--- [clock format [clock seconds] -format "%Y-%m-%d %H:%M:%S"] --->\r\n" noserver "Connection" "Close"
 }
}
}
[root@BigIP:Active:Standalone] config 

with CLI (tmsh), you can write it as below:

[root@BigIP:Active:Standalone] config  tmsh create ltm rule Test_iRules_CLI `echo "when HTTP_REQUEST { set Command [string map {/ \" \"} [HTTP::uri]] ; if { \\$Command eq \" \" } { HTTP::respond 200 content \"Usage: /Command/Argument_1/Argument_2/Argument_3/.../Argument_N/\\\r\\\n\" noserver \"Connection\" \"Close\" } else { HTTP::respond 200 content \"\\$Command\\\r\\\n\\\r\\\n[eval \\$Command]\\\r\\\n\\\r\\\n<--- [clock format [clock seconds] -format \"%Y-%m-%d %H:%M:%S\"] --->\\\r\\\n\" noserver \"Connection\" \"Close\" } }"`
[root@BigIP:Active:Standalone] config 

the result will be:

[root@BigIP:Active:Standalone] config  tmsh list ltm rule Test_iRules_CLI
ltm rule Test_iRules_CLI {
    when HTTP_REQUEST { set Command [string map {/ " "} [HTTP::uri]] ; if { $Command eq " " } { HTTP::respond 200 content "Usage: /Command/Argument_1/Argument_2/Argument_3/.../Argument_N/\r\n" noserver "Connection" "Close" } else { HTTP::respond 200 content "$Command\r\n\r\n[eval $Command]\r\n\r\n<--- [clock format [clock seconds] -format "%Y-%m-%d %H:%M:%S"] --->\r\n" noserver "Connection" "Close" } }
}
[root@BigIP:Active:Standalone] config 

Hope the above helps.

Hi All,

Hey just on this topic, just keen to highlight the possibility to use any of: CLI Scripting (edit cli script , then run cli script ) iCalls (edit sys icall script , then edit sys icall handler periodic ) iApps (edit in GUI)

In these scripting environments tmsh::create ltm rule work

eg simple irule in CLI scripting

modify script test_cli_script { proc script::init {} { }

proc script::run {} { tmsh::create ltm rule "test_irule" "when HTTP_REQUEST \{ log local0. \"test irule\" \}" }

proc script::help {} { }

proc script::tabc {} { } }