Forum Discussion
Eric_Seidman_10
Nimbostratus
NimbostratusDealing with null bytes in STREAM replacement
Hello,
Question from a new iRule developer.
I am trying to replace a string containing null bytes with another string containing null bytes using a iRule. Specifically, I am trying to change a pipe identifier used during an interaction between 2 Windows servers. The pipe identifer seems to be encoded in a double-byte format, with null characters between the ASCII characters (I'm new to dealing with double-byte encodings, so I'm not sure of the exact encoding being used.)
As an example, I'm trying to replace the string "HOME1" with "HOME2".
I have used a packet sniffer on the destination machine and found the following data being sent:
48 00 4f 00 4d 00 45 00 31
However, I'm getting caught up in the syntax. Here is what I've attempted so far:
when CLIENT_ACCEPTED {
STREAM::enable
STREAM::expression @H\0O\0M\0E\01@H\0O\0M\0E\02@
}
when STREAM_MATCHED {
log local0. "[STREAM::match]"
}
I have selected a blank stream profile for the VIP in question.
Unfortunately, it seems that the replacement is only matching on the first character (stopping after the null byte). Do you have any suggestions for correcting the replacement iRule?
Thanks for any help you can offer.
eric
2 Replies
Eric_Seidman_10Hello,
After consulting with F5 support, I am told that using a STREAM profile to match anything involving a NULL byte is not possible.
However, I was told the following:
"It may be possible to reference the hex data and replace it with the TCP::payload command, but I am not positive that this is possible. The DevCentral community is the best resource for this type of information."
Does anyone know if this is possible?
Thanks,
eric
Tomasz_RadziszeYou may consider using the TCL's binary scan and binary format. They are described here
http://tmml.sourceforge.net/doc/tcl/binary.html
This, for example, converts binary data (variable data) to hex string (variable hexdata)binary scan $data H* hexdata
