DNS resolver iRule

That request is a Proxy request (CONNECT).

Is the F5 Virtual server configured as the HTTP Proxy for the clients, or is the pool member of the virtual server the Proxy server?

If the F5 Virtual server is configured as the Proxy, then you need a http profile that is configured as an Explicit Proxy

K40243113: Overview of the HTTP profile

Proxy Mode

The proxy mode setting determines whether the virtual server operates in reverse, explicit, or transparent mode. The proxy mode offers different HTTP enforcement options for the profile, and allows you to configure the system to act as a gateway in the case of explicit proxy mode. The following proxy mode options are available:

• Explicit - Changes the enforcement options for the profile and enables the BIG-IP system to process HTTP proxy requests and function as a gateway. By configuring browser traffic to use the proxy, you can control whether to allow or deny a requested connection, based on configured policies. The Explicit Proxy Mode requires a DNS resolver, specified in the Explicit Proxy area of the screen.

> So I just have a number of questions:

1.  Does the Virtual Server (VIP address on port 8080) have to match the port 443 in the Smart Licence request as per the tcpdump output?

No - either the request is passed on to a Proxy server pool member, or is directly proxied by the F5 using the http profile (with the Explict Proxy mode set). In either case, the traffic is arriving on port 8080.

2.Does the iRule format look okay?

No. That request does not have a Host header, so HTTP::host will not be specified.

You need to use URI::host to extract the host from the request URI

[URI::host [HTTP::uri]]