Forum Discussion
JGranieri_10614
Nimbostratus
NimbostratusHow to remove content from TCP Payload
Hello,
I have a scenario where I need to 1 extract a token between a start and end characters and then 2 remove this data from tcp payload so this never makes it to the server.
I have 1 taken car...
nitass
Employee
Employeeshouldn't it be SSL::payload?
SSL::payload
https://devcentral.f5.com/wiki/iRules.SSL__payload.ashxps. please ignore http header (content-length).
e.g.
config
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux
ltm rule qux {
when CLIENTSSL_HANDSHAKE {
SSL::collect
}
when CLIENTSSL_DATA {
set token [findstr [SSL::payload] "PW=" 3 "PW_END"]
set newstring [string map [list "PW=${token}PW_END" ""] [SSL::payload]]
SSL::payload replace 0 [SSL::payload length] ""
SSL::payload replace 0 0 $newstring
SSL::release
SSL::collect
}
}
trace
1 10 1408601582.3489 (0.0016) C>SV3.1(272) application_data
---------------------------------------------------------------
POST / HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Host: 172.28.24.10
Accept: */*
Content-Length: 24
Content-Type: application/x-www-form-urlencoded
12345PW=bigipPW_END67890---------------------------------------------------------------
New TCP connection 2: 200.200.200.14(28672) <-> 200.200.200.101(80)
1408601582.3855 (0.0183) C>S
---------------------------------------------------------------
POST / HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Host: 172.28.24.10
Accept: */*
Content-Length: 24
Content-Type: application/x-www-form-urlencoded
1234567890---------------------------------------------------------------
