adding iRule

Hi Richard,

 

 

Embedding an iRule written in TCL into the implementation script written in TCL can be daunting - you have to escape all the square and curly braces and dollar signs in order to avoid the TCL interpreter running the implementation script from treating it like TCL that it should act on. For anything more than a trivial iRule, I recommend taking a look at this:

 

 

http://devcentral.f5.com/wiki/iApp.Creating-an-iApp-to-manage-and-iRule-using-IPP-templates-Updated.ashx?NoRedirect=1&NS=iApp

 

 

It's a templating system that lets you avoid all of the escaping and really makes it easier to handle large/complicated iRules in iApps.

 

 

Anyways, I gave your rule a shot and was able to get it to import. My code looks like this:

 

 

set code "when CLIENT_ACCEPTED \{\n"
append code "set source_addr \[IP::client_addr\]\n"
append code "set dest_ip_port \[IP::local_addr\]:\[TCP::local_port\]\n"
append code "log local0. \"Source = \$source_addr Dest_IP:Port = \$dest_ip_port\"\n"
append code "set dest_addr \[class match -value -- \[IP::client_addr\] equals test\]\n"
append code "log local0. \"Class info - \$dest_addr\"\n"
append code "if \{ \$dest_addr != \$dest_ip_port || \$dest_addr equals \"\" \} \{\n"
append code " reject\n"
append code "   log local0. \"Rest connection from \$source_addr to \$dest_ip_port\"\n"
append code "  \}\n"
append code "\}"

tmsh::create ltm rule rh { $code }

 

 

There are other ways to do it - and repeatedly using "append" isn't the prettiest - but I was able to get the rule to create. The biggest change I made was to escape all of the dollar signs and curlies as you were missing a couple.

 

 

Cheers,

 

-Brent