For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Ben_Wilson_2412's avatar
Ben_Wilson_2412
Icon for Cirrus rankCirrus
Jul 11, 2014

Disable port translation in an iRule, or "node" usage

Hi, I'm trying to create a VIP that handles HTTP, HTTPS and a TCP port range. I was hoping to create a "wildcard" VIP, then pick pools based on an iRule. Port 80 and 443 requests go to the port...
application delivery
devops
iRules
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Jul 12, 2014

You should be able to 1) create an any port pool, and 2) use the translate port disable command. With that you also shouldn't need the LB_SELECTED event.

when CLIENT_ACCEPTED {
    set DEBUG 1
    switch -regexp [TCP::local_port] {
        "80" {
            if {$DEBUG} {log local0. "Port 80 request"}
            SSL::disable clientside
            pool lvstrn.80
        }
        "443" {
            if {$DEBUG} {log local0. "Port 443 request"}
            pool lvstrn.80
        }
        "202[00-72]" {
            if {$DEBUG} {log local0. "Port 202XX request"}
            SSL::disable clientside
            pool lvstrn.any
            translate port disable
        }
        default {
            reject
        }
    }
}