For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Richard_Schmit_'s avatar
Richard_Schmit_
Icon for Nimbostratus rankNimbostratus
May 09, 2014

Have an I-Rule from an old 9.X platform that is not working on 11.4.1 Causing connecteion reset errors. Any idea's ??/

when RULE_INIT { set sec_http_methods [list "CONNECT" "DELETE" "DEBUG" "TRACE"] Create a list of the response headers to preserve. This needs to be tailored to the application! set ::headers_to_hi...
application delivery
deployment
devops
iRules
LTM
security
spaceage53_8664's avatar
spaceage53_8664
Icon for Nimbostratus rankNimbostratus
May 12, 2014

The problem with the iRule is that is calling Big pipe commands/syntax. That is legacy from the 9.x code that you were running. In 11.4 with TMOS it will reject those commands and kill the iRule. You will have to remove and replace that old syntax with the current syntax for TMOS/tmsh if you want that same rule to work. There are not a lot of changes as iRule are based on TCL but there are a few and they can trip you up. Henrik did a good job of pointing out a few of them in your code. I would recommend looking for a new iRule that does the same thing that this one does. There are plenty here on DevCentral that may even do it a bit better.