Forum Discussion
Blueluke_85810
Nimbostratus
NimbostratusHTTP Profile breaking HTTPS site
If I apply a vanilla HTTP Profile to my HTTPS VIP it stops the page from being returned. As soon as I remove the profile it starts working again. I am not offloading at the LTM. What could be causi...
Kevin_Stewart
Employee
EmployeeThat's actually pretty cool that you can search inside the TCP payload like that
I realized after my last post that I gave you an egregious example. The following is perhaps more succinct.
when CLIENT_ACCEPTED {
TCP::collect
}
when CLIENT_DATA {
set HOST [findstr [TCP::payload] "Host: " 6 "\r\n"]
scan [TCP::payload] "%s %s HTTP/1" METHOD URI
TCP::respond "HTTP/1.1 302 Found\r\nLocation: https://${HOST}${URI}\r\n\r\n"
TCP::release
}
It's shorter of course, but it still doesn't displace the notion that you have to physically parse the HTTP payload out of the TCP packet, and that you have to have a much better understanding of how the layer 7 protocol works. For things like HTTP, it just makes sense from a management and ease-of-use perspective to use HTTP-level events and commands (with an associated HTTP profile). Where it gets REALLY useful is when you have to support a protocol that isn't built-in.