Getting error while generating ucs file with passphrase

Sorry I dint quite get your requirement,

It is one Irule right being called in multiple vips, whatever changes being made to that one Irule will reflect for every VS that its applied.

Or are you planning to add a new irule to multiple vips ?

Hi,

I think that satishs have one irule that is configured over several vs. And he want to update it with a new version.

• first of all, always keep an earlier version of the irula in case of rollback.
• this version must be saved on F5 with a version/date so that it can be accessed by your entire team (or on git) depending how you work.
• Before editing irule launch the following commad (CLI):

tailf /var/log/ltm | grep "TCL error"

It will allow you to trriged TCL error and to fix quickly edge effects.

the problem when you use the same IRULE on more than one service, is that you have to make sure that your modification does not alter one of them. especially if VS or IRULE apply are different services (OWA, APP, CRM, ...).

Then valid that your change will not change the behavior of any of your services.

• Once you modify the your IRULE be valid all your service or part of them.
• If you had an tcl error (do a rollback), check why you had an erro in the logs then fix it.

but as I explained earlier everything depends what you have in your irule. For example if you have an maintenance page (Irule), a test on a single application that carries the IRULE will allow you that everything is correct.

Hope it's clear for you.

Regards,

I found this code on codeshare to remove irule for all virtual servers with TMSH::script...

I changed it to append the irule in the list of rules for selected virtual servers

modify script add_irule.tcl {
proc script::init {} {
}

proc script::run {} {
    if { $tmsh::argc < 3 } {
        puts "A single rule name must be provided"
        exit
    }
    set rulename [lindex $tmsh::argv 1]
    set rules ""
    set vips [tmsh::get_config /ltm virtual [lrange $tmsh::argv 2 end]]
    set vips_in_play ""

    tmsh::begin_transaction
    foreach vip $vips {
        tmsh::get_field_value $vip "rules" rules

         Rule keyword is present, but not $rulename rule
        if { [lsearch -exact $rules $rulename] != -1 || [lsearch -exact $rules [lindex [split $rulename "/" ] 2]] != -1 } {
            puts "The $rulename iRule was already assigned to the virtual server [tmsh::get_name $vip] "
            continue
        } else {
            lappend rules $rulename
            tmsh::modify /ltm virtual [tmsh::get_name $vip] rules "{ $rules }"
            lappend vips_in_play $vip
        }
    }

     tmsh::commit_transaction

     puts "The $rulename iRule was added to the following virtuals: "
     foreach x $vips_in_play {
     puts "\t[tmsh::get_name $x]"
   }
}

proc script::help {} {
}

proc script::tabc {} {
}
}

to use it, create in in tmsh with (this is a VI editor)

create cli script add_irule.tcl

Then run it with

run cli script add_irule.tcl irulename virtual_server1 virtual_server2 virtual_server3 virtual_server4 ...

Thank you all for the suggested solutions . I will try out and let you know what worked for my case.

you can use the tmsh edit command and a vi editor

tmsh edit ltm virtual all

Usage:

:%s///g

Example: find 'ip protocol tcp' and replace with: ip protocol tcp rules { rule 1 }

:%s/ip protocol tcp/ip protocol tcp\rrules { rule_1 }/g

:wq