Forum Discussion
Ricardo_77091
Nimbostratus
Mar 26, 2009
HTTP Monitor that follows redirects
We are trying to configure an HTTP monitor to monitor a .NET application and mark the member as down if it does not receive the response it expects. The problem is that the first response is a 401 Unauthorized. By putting 401 Unauthorized in the receive string we can cover the service being down, website stopped, or application pool unavailable. However, it does not cover us for when we receive 500 server errors as they are returned after the 401 Unauthorized.
Does anyone have a suggestion as to how we can do this using a simple HTTP monitor, or if necessary, an iRule/ECV?
27 Replies
- STP_88362
Nimbostratus
Happy to help ... I should have posted that up a while back after it worked!
Sam
- Dbow_21284
Nimbostratus
I am trying to achieve the same thing. It's not working for me though.
Question: How do you step through it in SSH to see what the issue might be? However, when I copy your command and substitute for the variables and minus the GREP piece, like so:
curl -L --ntlm -k -v --user 'username@acc.org:password' http://10.10.185.39/whatsup.aspx -H "Host: intranet.acc.org"
I get the following, which seems fine as I am searching for the string of "1-UP"
-H "Host: intranet.acc.org"
* About to connect() to 10.10.185.39 port 80
* Trying 10.10.185.39... connected
* Connected to 10.10.185.39 (10.10.185.39) port 80
* Server auth using NTLM with user 'ddenbow@acc.org'
> GET /whatsup.aspx HTTP/1.1
> Authorization: NTLM TlRMTVNTUAABAAAAAgIAAAAAAAAgAAAAAAAAACAAAAA=
> User-Agent: curl/7.15.3 (i686-redhat-linux-gnu) libcurl/7.15.3 OpenSSL/0.9.7l zlib/1.1.4
> Accept: */*
> Host: intranet.acc.org
>
< HTTP/1.1 401 Unauthorized
< Content-Length: 1539
< Content-Type: text/html
< Server: Microsoft-IIS/6.0
< WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAAAAADgAAAACAgACUvatNVQ+0zgAAAAAAAAAAAAAAAA4AAAABQLODgAAAA8=
< MicrosoftSharePointTeamServices: 12.0.0.6305
< X-Powered-By: ASP.NET
< Date: Mon, 13 Jul 2009 17:57:21 GMT
* Ignoring the response-body
* Connection 0 to host 10.10.185.39 left intact
* Issue another request to this URL: 'http://10.10.185.39/whatsup.aspx'
* Re-using existing connection! (0) with host 10.10.185.39
* Connected to 10.10.185.39 (10.10.185.39) port 80
* Server auth using NTLM with user 'ddenbow@acc.org'
> GET /whatsup.aspx HTTP/1.1
> Authorization: NTLM TlRMTVNTUAADAAAAGAAYAE8AAAAYABgAZwAAAAAAAABAAAAADwAPAEAAAAAAAAAATwAAAAAAAAB/AAAAAYIAAGRkZW5 ib3dAYWNjLm9yZ9zh9zUiNOiixpBBtqKedUUnFyVAwbdzmDYHNgtUai73o49khXr1DcIOjw5Dwj4kXg==
> User-Agent: curl/7.15.3 (i686-redhat-linux-gnu) libcurl/7.15.3 OpenSSL/0.9.7l zlib/1.1.4
> Accept: */*
> Host: intranet.acc.org
>
< HTTP/1.1 200 OK
< Date: Mon, 13 Jul 2009 17:57:21 GMT
< Server: Microsoft-IIS/6.0
< MicrosoftSharePointTeamServices: 12.0.0.6305
< X-Powered-By: ASP.NET
< X-AspNet-Version: 2.0.50727
< Set-Cookie: WSS_KeepSessionAuthenticated=80; path=/
< Cache-Control: private, max-age=0
< Expires: Sun, 28 Jun 2009 17:57:21 GMT
< Last-Modified: Mon, 13 Jul 2009 17:57:21 GMT
< Content-Type: text/html; charset=utf-8
< Content-Length: 597
< meta name="Microsoft Theme" content="acc 1011, default" />
<br>
> name="form1" method="post" action="whatsup.aspx" id="form1">
1-UP
Connection 0 to host 10.10.185.39 left intact
So it should work right? But for some reason when I copy the monitor over and use it on my pool ... it's down. I tried substituting both IPs for my 2 pool members in the command line and both get the same as above.
Am I missing something? I don't need to declare any variables or explicit arguments in my external monitor right?
Thanks
- STP_88362
Nimbostratus
Just curious, what are the permissions on your monitor? If you're logged in as root when running from the SSH console, you'll have permissions to execute the script. I believe the F5 doesn't use root to run the monitor, so you need to set permissions on the script. In my environment, I used full access to the file as I've got the LTM locked down as to who and what has access.
I'd give that a look and perhaps that could help you out.
- Dbow_21284
Nimbostratus
So my results are above and my script is below:
#!/bin/sh
# remove IPv6/IPv4 compatibility prefix (LTM passes addresses in IPv6 format)
IP=`echo ${1} | sed 's/::ffff://'`
# IP=${1}  (disabled: it would overwrite the stripped address above)
PORT=${2}
PIDFILE="/var/run/`basename ${0}`.${IP}_${PORT}.pid"
# kill off the last instance of this monitor if hung and log current pid
if [ -f $PIDFILE ]
then
    kill -9 `cat $PIDFILE` > /dev/null 2>&1
fi
echo "$$" > $PIDFILE
# send request & check for expected response
curl -L --ntlm -k -v --user 'me@me.org:mememe' http://${IP}:${PORT}/whatsup.aspx -H "Host: intranet.acc.org" | grep -i "1-UP" > /dev/null 2>&1
# mark node UP if expected response was received
if [ $? -eq 0 ]
then
    echo "UP"
fi
rm -f $PIDFILE
exit
I figured someone would want to see my script, here it is.
- Dbow_21284
Nimbostratus
I changed it via chmod on the script ... just gave it 777 (which is rwx for everything) ... is that what you mean?
- STP_88362
Nimbostratus
Sure, you could do it via WinSCP. I use WinSCP as well since I can quickly open and edit the script file. You should also be able to use the chmod command if you're at the command line as well, I think (might need to search for basic commands online though).
- Dbow_21284
Nimbostratus
Hmmm, still no go, do I have to change the owner? Here goes screen shot of my permissions from SSH console (NTLM_Auth_Intranet) is the file.
Screenshot:
- STP_88362
Nimbostratus
I don't know if you'd need to change owner or not. I created all of mine as root simply b/c I was logged in via WinSCP as root at the time. Now that you have changed permission, what do you see when you run the command from the SSH console?
I'd run:
sh -x /usr/bin/monitors/NTLM_Auth_Intranet 10.10.185.39 80
(I think I've gotten that correct based upon the IP and port you were testing in your script text you posted)
And verify that in your results you see:
* Closing connection 0
+ '[' 0 -eq 0 ']'
+ echo UP
UP
+ rm -f /var/run/NTLM_Auth_Intranet.10.10.185.39_80.pid
+ exit
If you see UP echo-ed onto the screen then for sure your script and grep command are working as expected against the NTLM-enabled site. Then it would be a matter of checking permissions / owner on the script itself. Also, I would make sure that you've got the script name copied exactly into the F5 external monitor via the GUI (i.e. capitalization of the name matches exactly).
One other item to check might be that you need a host header on your site, though I don't believe you'd have success at the SSH console manually but then not when run on its own by the LTM if it was indeed an issue w/ host headers. I ran into that once before which is why I was checking.
Thanks,
Sam
- Dbow_21284
Nimbostratus
Ok BAM ... it's failing.
++ echo 10.10.185.39
++ sed s/::ffff://
+ IP=10.10.185.39
+ $'\r'
: command not foundTLM_Auth_Intranet: line 3:
+ PORT=80
+ $'\r'
: command not foundTLM_Auth_Intranet: line 5:
++ basename /usr/bin/monitors/NTLM_Auth_Intranet
+ PIDFILE=/var/run/NTLM_Auth_Intranet._.pid
+ $'\r'
: command not foundTLM_Auth_Intranet: line 6:
'usr/bin/monitors/NTLM_Auth_Intranet: line 11: syntax error near unexpected token `
'usr/bin/monitors/NTLM_Auth_Intranet: line 11: `fi
It looks like it's failing on these lines:
LINE 3= IP=`echo ${1} | sed 's/::ffff://'`
LINE 5= PORT=${2}
LINE 6= PIDFILE="/var/run/`basename ${0}`.${IP}_${PORT}.pid"
Could this be a version thing? I have 9.4.2.
I definitely have the host headers right too and definitely the script name (case that is) is working as it opened the script.
Hmmmmmmmmmmmm.
- STP_88362
Nimbostratus
Hey there, I'm not really sure ... I have a testing 3400LTM that's on 9.4.5 and I am able to make it work using the same script that works on my production 9.3.1 6400LTM. It might be worth testing with replacing the "-L" for "-fNs" in your cURL command, as the "-fNs" works on my 9.4.5 LTM.
Regarding that 'fi syntax, I don't think there should be an apostrophe in front of "fi" as well. Based on the text you posted it seemed like there was.
I don't see the "$'\r'" line in my results either, so I'm not sure where that is coming from in your case. Are you sure you've got the syntax exact in your script? Possibly a case with F5 support might be a last resort.
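The `$'\r'` and `: command not found` lines in the `sh -x` trace earlier in the thread are what a shell prints when a script was saved with Windows (CRLF) line endings, and mode 777 leaves the monitor script writable by every local account. The preflight check below is an added example, not part of the thread and not F5 tooling; the function names and the `preflight.sh` file name are hypothetical.

```shell
#!/bin/sh
# Added example: preflight checks for an LTM external monitor script.
# All function names are hypothetical; this is not F5-supplied tooling.

# Succeeds if the file contains a carriage return (Windows CRLF endings).
has_crlf() {
    grep -q "$(printf '\r')" "$1"
}

# Removes carriage returns in place; writing through cat keeps the mode bits.
strip_crlf() {
    tmp=$(mktemp) || return 1
    tr -d '\r' < "$1" > "$tmp" && cat "$tmp" > "$1"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Succeeds if group or other may write to the file (as with mode 777).
is_loosely_writable() {
    [ -n "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print)" ]
}

# Drops the IPv4-mapped prefix that LTM puts in front of the member address.
strip_mapped_prefix() {
    printf '%s\n' "$1" | sed 's/^::ffff://'
}

# Prints "ok" or a space-separated list of the problems found.
preflight() {
    problems=""
    [ -x "$1" ] || problems="$problems not-executable"
    if has_crlf "$1"; then problems="$problems crlf"; fi
    if is_loosely_writable "$1"; then problems="$problems writable-by-others"; fi
    problems=${problems# }
    printf '%s\n' "${problems:-ok}"
}

# Usage: sh preflight.sh /usr/bin/monitors/NTLM_Auth_Intranet
if [ "$#" -ge 1 ]; then
    preflight "$1"
fi
```

After `strip_crlf`, mode 755 (owner-writable only, executable by all) is enough for the monitor to run.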