For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Gus_Thompson_11's avatar
Gus_Thompson_11
Icon for Nimbostratus rankNimbostratus
Oct 29, 2007

Cookie Persistence iRule help

Greetings,     I’m in desperate need of a solution for “Cookie Insert” persistence. I have worked with F5 support for over a month now, and still have not been able to resolve our issues. So, ...
application delivery
dev
devops
iRules
Deb_Allen_18's avatar
Deb_Allen_18
Historic F5 Account
Nov 10, 2007
Hi Gus --

You could create a single port 0 VS, but you'd get the same error.

Leave the clientssl profiles configured as they should be, and replace this:

      if { [PROFILE::exists clientssl] == 1} {
         if {$::debug}{log local0. "Client SSL profile enabled on VIP.  Disabling SSL"}
         SSL::disable clientside
      }

With this little trick to wrap the offending call:

      if { [PROFILE::exists clientssl] == 1 } {
         if {$::debug}{log local0. "Client SSL profile enabled on VIP.  Disabling SSL"}
            set ssl_disable "SSL::disable clientside"
            [eval $ssl_disable]
         } 
      }

It effectively hides the offending command from the parser police & executes it only when appropriate.

HTH

/deb