For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

craigvphillips_'s avatar
craigvphillips_
Icon for Nimbostratus rankNimbostratus
Jun 06, 2017

Adding an irule via put

Trying to add an irule to a few thousand virtuals and it does't work.   I can PATCH   {"rules": [ "awesomerule" ] } and it works, but it replaces the irule list with the single...
BIG-IP
devops
iControlREST
Satoshi_Toyosa1's avatar
Satoshi_Toyosa1
Ret. Employee
Jul 05, 2017

Use 

POST
to create an iRule and 
PATCH
to modify the content (script). e.g.,

Creating an iRule "test" (under /Common):

curl -sku admin:secret -X POST -H "Content-Type: application/json" \
  -d '{"name": "test" }' \
  https://mgmtPort/mgmt/tm/ltm/rule

Output:

{"kind":"tm:ltm:rule:rulestate","name":"test","partition":"Common","fullPath":"/Common/test","generation":1745,"selfLink":"https://localhost/mgmt/tm/ltm/rule/~Common~test?ver=12.1.2"}

Add the script to the rule "test":

curl -sku admin:secret -X PATCH -H "Content-Type: application/json" \
  -d '{"apiAnonymous":"when CLIENT_ACCEPTED {log local0. \"hello world\"}" }' \ 
  https://mgmtPort/mgmt/tm/ltm/rule/test

Output:

{"kind":"tm:ltm:rule:rulestate","name":"test","fullPath":"test","generation":1746,"selfLink":"https://localhost/mgmt/tm/ltm/rule/test?ver=12.1.2","apiAnonymous":"when CLIENT_ACCEPTED {log local0. \"hello world\"}"}

Verify on the LTM:

 tmsh list ltm rule test
ltm rule test {
    when CLIENT_ACCEPTED {log local0. "hello world"}
}

This overrides the existing content:

curl -sku admin:secret -X PATCH -H "Content-Type: application/json" \
  -d '{"apiAnonymous":"when HTTP_REQUEST {log local0. \"Bonjour monde\"}" }' \ 
  https://mgmtPort/mgm/tm/ltm/rule/test

Verify:

 tmsh list ltm rule test
ltm rule test {
    when HTTP_REQUEST {log local0. "Bonjour monde"}
}