Forum Discussion

szia_80879's avatar
szia_80879
Icon for Nimbostratus rankNimbostratus
Oct 17, 2007

Help with rewriting the URI

I am trying to create iRule(s) that would do the following:

 

 

- Users can come in on either port 80 or port 443. If a user comes in on port 80 they should be redirected to port 443. (It is done successfully.)

 

 

- After the request is redirected to port 443, access to a virtual pool should be based on IP address or IP range. If user has a registered IP address, the user should be redirected to

 

 

https://x.y.z:7008/int/intsearch. (A request to URI of / should be rewritten to /int/intsearch)

 

 

All other users should be directed to

 

 

https://x.y.z:7006/ext/extsearch (A request to URI of / should be rewritten to /ext/extsearch)

 

 

I have successfully created a trusted datagroup and an iRule that have redirected client’s request based on the IP address. However, I am having trouble rewriting the URI while it is redirecting the request. How do I add the URI rewrite feature while redirecting the request?

 

 

The Code is:

 

 

redirection_acl_rule

 

this event is triggered when a client - BIPIP TCP connection is established

 

when CLIENT_ACCEPTED {

 

is client IP address defined in the trusted datagroup?

 

if { [matchclass [IP::client_addr] equals $::trusted_datagroup] } {

 

pool Internal_7008_Pool

 

} else {

 

requests that did not match the conditions redirect to the External search

 

pool External_7006_Pool

 

}

 

log the client IP address -> destination IP address

 

log local0. "request accepted from client: \

 

[IP::client_addr] -> [IP::local_addr]"

 

}

 

 

Any help will be greatly appreciated.

 

 

Thank you.
application delivery
dev
devops
iRules
  • Colin_Walker_12's avatar
    Colin_Walker_12
    Historic F5 Account
    Oct 17, 2007
    Well, it looks like you're almost there. The only thing you need to add now is the logic around the HTTP::uri command to change the uri as desired. If you're looking to change all Internal pool request URIs to /int/intsearch and all external request URIs to /ext/extsearch, you'd want something like:

    
redirection_acl_rule
this event is triggered when a client - BIPIP TCP connection is established
when CLIENT_ACCEPTED {
  is client IP address defined in the trusted datagroup?
  if { [matchclass [IP::client_addr] equals $::trusted_datagroup] } {
    HTTP::uri /int/intsearch
    pool Internal_7008_Pool
  } else {
    requests that did not match the conditions redirect to the External search
    HTTP::uri /ext/extsearch
    pool External_7006_Pool
  }
  log the client IP address -> destination IP address
  log local0. "request accepted from client: \
  [IP::client_addr] -> [IP::local_addr]"
}

    If you only wanted this done if they had no requested URI or a URI of "/", then you'd need some additional logic:

    
when CLIENT_ACCEPTED {
  is client IP address defined in the trusted datagroup?
  if { [matchclass [IP::client_addr] equals $::trusted_datagroup] } {
    if{ [string length [HTTP::uri] <= 1 } { 
      HTTP::uri /int/intsearch
    }
    pool Internal_7008_Pool
  } else {
    requests that did not match the conditions redirect to the External search
    if{ [string length [HTTP::uri] <= 1 } { 
      HTTP::uri /ext/extsearch
    }
    pool External_7006_Pool
  }
  log the client IP address -> destination IP address
  log local0. "request accepted from client: \
  [IP::client_addr] -> [IP::local_addr]"
}

    HTH,

    Colin
  • szia_80879's avatar
    szia_80879
    Icon for Nimbostratus rankNimbostratus
    Oct 22, 2007
    Colin,

     

     

    Thank you for the codes. It did help me a lot. Initially, I had some additional problems; however, I was able to resolve them. It is working the way I wanted. I really appreciate the help.

     

     

    Thank you.