Forum Discussion
NimbostratusF5 migration from HA proxy
Following settings need to migrated to F5 LTM from HA proxy. kindly help to achieve the same settings in F5.
- Custom Error page (HTML file) --> when following Error response getting from server 400,403,408,500,502,503,503
- Block --> stick-table type ip size 100k expire 30s store conn_rate(3s). if tcp-request from white list IP then accept the request.
- http-response add-header X-App-Server %b/%s acl secured_cookie res.hdr(Set-Cookie),lower -m sub secure rspadd Strict-Transport-Security:\ max-age=31536000;\ includeSubDomains;\ preload rsprep ^Set-Cookie:\ (.*) Set-Cookie:\ \1;\ Secure if !secured_cookie
- Main URL : acl is_admin path_beg /apanel acl is_admin path_beg /administration acl is_admin path_beg /wp-admin --> if above path request comes: then the request send to particular node
- acl restricted_page path_beg,url_dec -i /user.php --> allow this path only for whitlist IP's
- acl htaccess_redirect path_beg,url_dec -i /.htacces --> redirect to 404 page
- acl file_robot path_beg -i /robots.txt --> redirect to home page
youssef1Cumulonimbus
Hi,
So for your sorry page you can follow this link:
https://devcentral.f5.com/wiki/irules.Automatic_maintenance_page___Sorry_page_with_images.ashx
and this link, check response from kevin about ifile:
https://devcentral.f5.com/questions/irule-maintanance-page-with-ifile
For blocking a specific URI:
https://devcentral.f5.com/questions/irules-blocking-url-47529
https://devcentral.f5.com/questions/block-url-49989
Begin with this 2 steps. let me know if you need help
regards,
- youssef1
OK let's GO We will begin with maintenance page:
First you have to import all your files (page, png, css, gif):
- Create your FILE: System ›› File Management ›› Import...
- then create your ifile: Local Traffic ›› iRules : iFile List ›› New iFile...
And use this simple Irule for maintenance page that trigged when you have an error 5** for example:
when HTTP_REQUEST { --- set variable --- set host [HTTP::host] set uri [HTTP::uri] set alert 0 --- set variable --- --- Trigged maintenance for Node down --- if {[active_members [LB::server pool]] < 1 } { if {$uri == "/maintenance_page.html"} { do nothing } elseif {$uri == "/css/yourcss.css" || $uri == "/img/yourgif.gif" || $uri == "/img/yourpng.png" } { do nothing } else { HTTP::redirect "https://$host/maintenance_page.html" } } --- load maintenance page object --- switch -glob [HTTP::uri] { "/maintenance_page.html" { HTTP::respond 200 content [ifile get "/Common/maintenance_page.html"] noserver "Content-Type" "text/html" "Cache-Control" "no-cache, must-revalidate" set alert 1} "/css/yourcss.css" { HTTP::respond 200 content [ifile get "/Common/yourcss.css"] noserver "Content-Type" "text/css" "Cache-Control" "no-cache, must-revalidate" set alert 1} "/img/yourgif.gif" { HTTP::respond 200 content [ifile get "/Common/yourgif.gif"] noserver "Content-Type" "image/gif" "Cache-Control" "no-cache, must-revalidate" set alert 1} "/img/yourpng.png" { HTTP::respond 200 content [ifile get "/Common/yourpng.png"] noserver "Content-Type" "image/png" "Cache-Control" "no-cache, must-revalidate" set alert 1} default { do nothing } } } when HTTP_RESPONSE { --- Trigged maintenance for 500 if {[HTTP::status] starts_with "5"} { HTTP::respond 200 content [ifile get "/Common/maintenance_page.html"] noserver "Content-Type" "text/html" "Cache-Control" "no-cache, must-revalidate" } }