Forum Discussion
tim_pearson_938
Nimbostratus
Nimbostratusfooling a client and the server
I am trying to get an iPhone to connect to our iNotes server and neither are playing nice. I think I can fool it by using the F5. My issue is that the iNotes server will not accept an IP address as a valid host. I have been trying to get the F5 to rewrite the URL, but am having issues
iPhone ----http://10.10.2.20 -->F5 ---http://mail.domain.com--->inotes server
What I have so far:
when HTTP_REQUEST {
Check if requested host is an IP address
if {[HTTP::host] eq "10.10.2.20"}{
Rewrite HOST
[HTTP::host] "mail.domain.com"
}
pool Test_iNotes_pool
}
when HTTP_RESPONSE {
Check if response is a name
if {[HTTP::host] eq "mail.domain.com"}{
Rewrite return HOST
[HTTP::host] "10.10.2.20"
}
}
edited, because I forgot to anonymize
hoolioCirrostratus
Hi tpearson,
You can use HTTP::header replace Host "newhost.example.com" to replace the existing Host header:when HTTP_REQUEST { Check if host is an IP address if {[HTTP::host] eq "10.198.239.248"}{ Replace host header HTTP::header replace Host "newhost.example.com" } }
There isn't a host header in responses, so you shouldn't need to modify the response headers or content.
Aaron
tim_pearson_938thanks,
That got me one step farther, the notes server sends me a 302 and redirects me to itself, how do I catch that and rewrite that too?- hoolioIs 'itself' an IP address or a hostname? Can you post an anonymized example?
Thanks,
Aaron - tim_pearson_938Using your example hoolio, works until the inotes server sends me a 302 to mail.domain.com. I am using snats on this since, both the client and the mail server are on the local subnet (not sure it that causes any issues)
Client --http:// --->F5 ---http://mail.domain.com ---> mail server
This part works, I get the login page, and can even authenticate with it, then after authentication, the mail server sends a 302 to http://mail.domain.com/someURIinfo.
It is that 302 response I need to change from mail.domain.com to an
Hope that helps some - hoolioSomething like this maybe?
when HTTP_REQUEST { Set a flag to rewrite host in redirect responses set check_response 0 Check if host is an IP address if {[HTTP::host] eq "10.198.239.248"}{ Replace host header HTTP::header replace Host "newhost.example.com" Set a flag to rewrite host in redirect responses set check_response 1 } } when HTTP_RESPONSE { if {$check_response and [HTTP::is_redirect]}{ Rewrite the Location header to an IP HTTP::header replace Location [string map {newhost.example.com 10.198.239.248} [HTTP::header value Location]] } }
If you have multiple IP addresses you'd potentially want to check for let me know. This option should work for a single IP.
Aaron - tim_pearson_938I used the above rule, but the F5 virtual server sends me a reset on my first request.
- hoolioCan you check the /var/log/ltm log file? There should be a TCL error listed.
Aaron - tim_pearson_938Here are the TCL errors in /var/log/ltm
Oct 10 10:21:09 tmm tmm[1283]: 01220001:3: TCL error: Rule iNotes_rewrite - invalid command name "10.198.239.248" while executing "[HTTP::host] "mail.domain.com" "
Oct 10 10:21:16 tmm tmm[1283]: 01220001:3: TCL error: Rule iNotes_rewrite - invalid command name "10.198.239.248" while executing "[HTTP::host] "mail.domain.com" " - hoolioI think that's an error from your previous rule. Can you retest and check for new errors? You can copy the ltm log file to a backup and clear it using the following:
cp -p /var/log/ltm /var/log/ltm.old; cat /dev/null > /var/log/ltm
Aaron - tim_pearson_938sorry, wrong rule,
Oct 10 10:38:10 tmm tmm[1283]: 01220001:3: TCL error: Rule inotes_test_2 - invalid command name "HTTP::is_redirect" while executing "HTTP::is_redirect"
I am guessing it is because this guy is on 9.1.2 and does not know the HTTP::is_redirect command?