Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Ben_Wilson_2412's avatar
Ben_Wilson_2412
Icon for Cirrus rankCirrus
Jul 11, 2014

Disable port translation in an iRule, or "node" usage

Hi, I'm trying to create a VIP that handles HTTP, HTTPS and a TCP port range. I was hoping to create a "wildcard" VIP, then pick pools based on an iRule. Port 80 and 443 requests go to the port...
application delivery
devops
irules
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Jul 12, 2014

You should be able to 1) create an any port pool, and 2) use the translate port disable command. With that you also shouldn't need the LB_SELECTED event.

when CLIENT_ACCEPTED {
    set DEBUG 1
    switch -regexp [TCP::local_port] {
        "80" {
            if {$DEBUG} {log local0. "Port 80 request"}
            SSL::disable clientside
            pool lvstrn.80
        }
        "443" {
            if {$DEBUG} {log local0. "Port 443 request"}
            pool lvstrn.80
        }
        "202[00-72]" {
            if {$DEBUG} {log local0. "Port 202XX request"}
            SSL::disable clientside
            pool lvstrn.any
            translate port disable
        }
        default {
            reject
        }
    }
}