Change path

Easy enough using the string command. Just to verify though, you want to remove this between LTM and your pool members. You aren't trying to redirect the user or anything like that?

when HTTP_REQUEST {
   if { [string tolower [HTTP::uri]] starts_with "/ssl/" } {
      HTTP::uri [string range [HTTP::uri] 4 end] } 
    }

Thanks for the replies. I actually got this to work.. I'll try yours too Hoolio.

 

 

when HTTP_REQUEST {

 

if {[string tolower [HTTP::path]] starts_with "/ssl"}{

 

HTTP::redirect "https://site1.com[string map -nocase {/ssl/ /} [HTTP::uri]]"

 

}

 

}

 

 

 

Aaron/Colin - let's say he wanted to remove the string "/ssl" that occurred anywhere within the rule, what would we use then?

One more question. How do I make this work if the request is https? This has stumped me in the past.

 

Aaron/Colin - let's say he wanted to remove the string "/ssl" that occurred anywhere within the rule, what would we use then?

 

 

 

You could check for a URI containing "ssl" and then use string map as Dave did.

 

 

Dave, if the virtual server is for HTTPS traffic, you'd need to import the server cert/key in a client SSL profile and then add that to the virtual server. This allows LTM to decrypt the SSL and inspect and modify the HTTP.

 

 

Aaron

Chris, I meant your iRule. Sorry. Yours doesn't work when the request is HTTPs, while mine does, but yours is more universal. Why doesn't it work with HTTPS? I've seen this before. Thanks again.

The site works in https, but the rule doesn't eliminate the /SSL if the request is https.

@Chris

If it's going to show up anywhere in the URI it's a bit more tricky. You'd need to find where that is first, then use the string command to do away with that section, or re-write it as necessary.

Something like:

when HTTP_REQUEST {
  set uri [tolower [HTTP::uri]]
  if { $uri contains "/ssl/" } {
    set index [string first /ssl/ $uri]
    set newuri [string replace [HTTP::uri] $index [expr $index + 3]]
    HTTP::uri $newuri
  } 
}

This would look for the first instance of /ssl/ and replace /ssl (chars 0-3 starting at the index) with nothing, effectively removing them from the URI.

Not tested on the LTM, but tested in tclsh for syntax.

Colin

String map would certainly work but keep in mind it's going to nuke every entry of SSL it sees, so make sure you're using something completely unique. The reasoning for the above logic was to make sure it's only replacing the first instance of the string, not all of them.

 

 

 

Also, RE: the SSL problem: Make sure the iRule is applied to the SSL virtual as well as the HTTP virtual, and remember that it's only going to work if you're decrypting SSL on your LTM.

 

 

Colin

Chris, I only have one virtual server for this site that's open to all ports, and then I use an irule to only allow ports 80 and 443. I've noticed in the past that re-write rules don't work the same for https requests as they do for http requests to the same virtual server. I've found work-arounds, but haven't identified the issue. If I could make your rule work for both, I could use it on numerous sites where we're getting ready to change the path, instead of customizing my rule for each site. I don't mind customizing, but I'd like to keep down the of rules. Dave