lboogie25_20449
Dec 13, 2015

Basic iRule

Sirs and Ma'ams:

 

I'm new to F5 (even newer to iRules) and I'm stuck on comprehending the operators/commands. What I'm trying to do is handle traffic from Linux machines and send to one pool while Windows machines go to a separate pool. The work requirement is done by TCP port. The iRule documentation is overwhelming at this point since I have no prior coding experience. The F5 returns an error "01070151:3: Rule [/Common/iRule-redirect-Test] error: /Common/iRule-redirect-Test:2: error: [missing a script after "if"][ ] /Common/iRule-redirect-Test:3: error: [parse error: PARSE missingBracket 84 {missing close-bracket}][{ [TCP::local_port == 80 }] /Common/iRule-redirect-Test:7: error: [missing a script after "if"][ ]"

 

Here is what I have:

 

when CLIENT_ACCEPTED {
    if { [IP::addr [IP::remote_addr] equals x.x.x.x/24] }
    if { [TCP::local_port == 80 } {
        pool HTTP-Pool
    }

    if { [IP::addr [IP::remote_addr] equals x.x.x.x/24] }
    if { [TCP::local_port] == 22} {
        pool SSH-Pool
    }
}

 

  • nathe

    Lboogie25, looks like there's no ] after your first TCP::local_port == 80 command.

     

    This should sort it, but a word on your iRule. As your first if statement is duplicated, i.e. you're checking the remote address, you could clean it up by using a nested if statement and using if/elseif.

     

    See https://devcentral.f5.com/articles/irules-101-13-nested-conditionals for what I mean.

     

    Hope this helps,

     

    N

     

  • Thanks for your help, Nathan. When I added the missing bracket, that didn't help. My TCP::local_port argument is incorrect. See error message: 01070151:3: Rule [/Common/iRule-redirect-Test] error: /Common/iRule-redirect-Test:2: error: [missing a script after "if"][ ] /Common/iRule-redirect-Test:3: error: [wrong args][TCP::local_port == 80] /Common/iRule-redirect-Test:7: error: [missing a script after "if"][ ]

     

    I guess what I'm struggling with are the available commands. Do you know where I can find a list of available arguments/variables to manipulate?

     

  • Because you are doing an if statement within an if statement I'd say you would need this:

    when CLIENT_ACCEPTED {
        # TCP::local_port is the port the client connected to on the virtual server
        if { [IP::addr [IP::remote_addr] equals 192.168.1.1] } {
            if { [TCP::local_port] equals 80 } { pool Our-HTTP_Pool }
        }

        if { [IP::addr [IP::remote_addr] equals 192.168.1.1] } {
            if { [TCP::local_port] equals 22 } { pool IRule-22-Test }
        }
    }
    

    A more elegant way would be:

    when CLIENT_ACCEPTED {
        if { [IP::addr [IP::remote_addr] equals 192.168.1.1] } {
            if { [TCP::local_port] equals 80 } {
                pool Our-HTTP_Pool
            } elseif { [TCP::local_port] equals 22 } {
                pool IRule-22-Test
            }
        }
    }
    

    You might want to consider what you want to do with traffic that doesn't match.

    • lboogie25_20449
      I tried this and it worked like a champ. Thanks for the tip on non-matching traffic. Many thanks for everyone's time!
  • Hi Lboogie25,

    you may try this snippet if each pool needs a different IP address filter...

    when CLIENT_ACCEPTED { 
        if { [IP::addr [IP::remote_addr] equals x.x.x.x/24] and ([TCP::local_port] == 80) } then {
            pool HTTP-Pool
        } elseif { [IP::addr [IP::remote_addr] equals x.x.x.x/24] and ( [TCP::local_port] == 22 ) } then { 
            pool SSH-Pool 
        } 
    }
    

    ... or if both pools are using the same IP address filter, then try this snippet...

    when CLIENT_ACCEPTED { 
        if { [IP::addr [IP::remote_addr] equals x.x.x.x/24] } then {
            if { [TCP::local_port] == 80 } then {
                pool HTTP-Pool
            } elseif { [TCP::local_port] == 22 } then { 
                pool SSH-Pool 
            } 
        }
    }
    

    Cheers, Kai
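
The point raised earlier in the thread about traffic that doesn't match, as an added example (not code from any post here): connections that match neither rule are logged and rejected instead of falling through to the virtual server's default pool. The two subnets are constructed placeholders (documentation ranges), the pool names are the ones from the question, and the virtual server is assumed to accept both ports.

```tcl
# Added example: route by source subnet and destination port, with an
# explicit outcome for traffic that matches neither rule.
# Subnets below are constructed placeholders, not values from the thread.
when CLIENT_ACCEPTED {
    set src  [IP::remote_addr]
    set port [TCP::local_port]   ;# port the client connected to on the virtual server

    if { [IP::addr $src equals 192.0.2.0/24] && $port == 80 } {
        pool HTTP-Pool
    } elseif { [IP::addr $src equals 198.51.100.0/24] && $port == 22 } {
        pool SSH-Pool
    } else {
        # No rule matched: record the source and refuse the connection
        # rather than silently sending it to a default pool.
        log local0.notice "unmatched client $src -> port $port, rejecting"
        reject
    }
}
```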