Forum Discussion
How can i create an iRule for one VIP with multiple service ports.
- Jul 25, 2018
It's possible but you need to set VIP destination port to 0. And write irule to allow defined port and block rest of the service.
Below irule might help...
when CLIENT_ACCEPTED { if { [TCP::local_port] == 5540 } { pool test_PROD_pool1 } elseif { [TCP::local_port] == 5580 } { pool test_PROD_pool2 } else { reject } }
Cheers...
It's possible but you need to set VIP destination port to 0. And write irule to allow defined port and block rest of the service.
Below irule might help...
when CLIENT_ACCEPTED {
if { [TCP::local_port] == 5540 } {
pool test_PROD_pool1
} elseif { [TCP::local_port] == 5580 } {
pool test_PROD_pool2
} else {
reject
}
}
Cheers...
- kderrough_26121Jul 25, 2018Nimbostratus
Will this syntax be correct? With the VIP destiation set to 0?
when CLIENT_ACCEPTED { if {([TCP::local_port] == 443 )} { pool pool_443 } if {([TCP::local_port] == 5554 )} { pool pool_5443 } if {([TCP::local_port] == 8080 )} { pool pool_8080 } if {([TCP::local_port] == 4900 )} { pool pool_4900 } if {([TCP::local_port] == 4889 )} { pool pool_4889 } if {([TCP::local_port] == 8081 )} { pool pool_8081 } if {([TCP::local_port] == 7301 )} { pool pool_7301 } if {([TCP::local_port] == 7302 )} { pool pool_7302 } if {([TCP::local_port] == 7788 )} { pool pool_7788 } if {([TCP::local_port] == 7799 )} { pool pool_7799 } if {([TCP::local_port] == 9851 )} { pool pool_9851 } if {([TCP::local_port] == 9788 )} { pool pool_9788 } else reject }
- kderrough_26121Jul 25, 2018Nimbostratus
Thanks for the info
- Samir_Jha_52506Jul 26, 2018Noctilucent
You can try with this code:
when CLIENT_ACCEPTED { if {([TCP::local_port] == 443 )} { pool pool_443 } elseif {([TCP::local_port] == 5554 )} { pool pool_5443 } elseif {([TCP::local_port] == 8080 )} { pool pool_8080 } elseif {([TCP::local_port] == 4900 )} { pool pool_4900 } elseif {([TCP::local_port] == 4889 )} { pool pool_4889 } elseif {([TCP::local_port] == 8081 )} { pool pool_8081 } elseif {([TCP::local_port] == 7301 )} { pool pool_7301 } elseif {([TCP::local_port] == 7302 )} { pool pool_7302 } elseif {([TCP::local_port] == 7788 )} { pool pool_7788 } elseif {([TCP::local_port] == 7799 )} { pool pool_7799 } elseif {([TCP::local_port] == 9851 )} { pool pool_9851 } elseif {([TCP::local_port] == 9788 )} { pool pool_9788 } else { reject } }
$1 * use a data group containing pool name as value. You can add as many port in datagroup...
ltm data-group internal DG_TCP { records { 443 {pool_443} 5554 {pool_5554} 8080 {Pool_8080} 4900 {pool_4900} 4889 {pool_4889} xxxx {pool_xxx} } type string } when CLIENT_ACCEPTED { if {[set pool [class match -value [TCP::local_port] equals "DG_TCP"]] ne ""} { pool $pool } else { reject } }
cheers...
- kderrough_26121Jul 26, 2018Nimbostratus
That's clever, but because adding and subtracting pool want change i'll use the first iRule suggested. Thanks for the prompt input.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com