Forum Discussion

kend's avatar
kend
Icon for Altostratus rankAltostratus
Apr 02, 2021

Convert HTTP iRule to TCP

We have a client/server application that uses a private written client that connects to a server through the LTM. The client app is installed on the users local workstation and then is used to connect to a virtual server on our LTM. The client sends the initial connection request as a malformed header which contains a session id that is then used for persistence. The current iRule we are using contains HTTP commands, so a HTTP profile is required on the virtual server. But, since this not a true HTTP application, we have some issues when using the HTTP profile. So, I am trying to convert the existing iRule from using the HTTP commands and try and use the TCP payload to get the session id. I am an amateur iRule creator, so I was hoping to get some help and to even see if this is possible. The current iRule is listed below. I want to achieve the same result but with using the TCP payload. That way the HTTP profile will not be needed.

 

Current iRule

when RULE_INIT {

 

        #Sets logging level (0 = no logging 1 = logging)

        set ::debug 0

 

        #Sets persistence timeout in seconds

        set ::timeout 900

}

 

when HTTP_REQUEST {

 

        #Checks if Content-Session header exists

        if { [HTTP::header exists "Content-Session"] }{

 

                #Grab Content-Session header value

                set sessionid [HTTP::header "Content-Session"]

                if {$::debug}{ log local0. "Content-Session value for [IP::client_addr] is: $sessionid"}

 

                #Persist connection based on Content-Session value

                catch { persist uie $sessionid $::timeout }

        }

}

 

when HTTP_RESPONSE {

 

        #Checks for Content-Session header

 

        if { [HTTP::header exists "Content-Session"] }{

 

                #Grap Content-Session header value

                set sessionid [HTTP::header "Content-Session"]

                if {$::debug}{ log local0. "Content-Session value for [IP::remote_addr] is: $sessionid"}

 

                #Setup Persistence record

                catch { persist add uie $sessionid $::timeout }

        }

}

  • kend's avatar
    kend
    Icon for Altostratus rankAltostratus

    I tried creating an iRule using the TCP::collect and TCP::payload command. I am trying to use the scan command to parse the data I need. This is the scan command I am using, but it is not working, "set scan_ct [scan [TCP::payload] {%[^\]\%s} 1 sessionid ]". here is a capture of the payload I am trying to scan and the highlighted data is what I need to parse. What would I change the scan variables, {%[^\]\%s}, to in order to get my data?

    POST /Epic HTTP/1.1 User-Agent: ThinClient Host: server Content-Length: 98 Content-Version: 1.0 Content-Session: 6000ec8-6f72-7yac-a334-cf657bcc2e52 Content-Type: application/smart-message ^������NX������¤þá�»T|ó<­Ó܉6Âjè��������:����������������������������������)��������������False��������������������������������������������en-US��

  • Try using TCP::collect in CLIENT_DATA event. Log tcp payload and see if content-session payload can be used. Here is the link to start with some basic iRule syntax

     

    https://clouddocs.f5.com/api/irules/TCP__payload.html