Forum Discussion
chrismckean_190
Nimbostratus
NimbostratusHttps redirect with exceptions not working
Hi Guys, I was hoping someone might be able to help me. I'm trying to put an irule in that redirects all urls to https from http bar some exceptions. I've currently got the below rule (bottom) which seems to work fine with the lines like this
} elseif { ( [HTTP::uri] contains "/admin" ) } {
pool pool1-http
where it looks for something after the domain. When I've tried to put something in to look for something in the domain it doesn't appear to be working as it's still redirecting to https. So, lines like this
if { ( [HTTP::host] starts_with "admin" ) } {
pool pool1-http
I can only seem to get the irule exceptions working anything after the domain. Has anyone got any ideas on this one. Any help would be much appreciated
Here is the full rule I've currently got.
when HTTP_REQUEST {
if { ( [HTTP::host] starts_with "admin" ) } {
pool pool1-http
} elseif { ( [HTTP::uri] contains "/admin" ) } {
pool pool1-http
} elseif { ( [HTTP::uri] contains "/schedule" ) } {
pool pool1-http
} else {
HTTP::redirect https://[HTTP::host][HTTP::uri]
}}
Cheers
Chris
If I go to the site it redirects to https.
may the redirect be done by server?
have you ever used http analyzer tool? it may be helpful.
HttpFox
https://addons.mozilla.org/en-us/firefox/addon/httpfox/
Michael_JenkinsCirrostratus
It could be a couple of different things. One is that you should almost always to a
on your hosts and uris in iRules so you can basically do a case-insensitive search (unless casing matters for you). If the casing were different in your case here, that would be one reason it wouldn't work right.string tolowerAnother thing to do would be to add logging (see below) and check the
log to see what's actually coming through. That may help determine why this is happening.ltmwhen HTTP_REQUEST { set uri [string tolower [HTTP::uri]] log local0. "Host: '[HTTP::host]'" log local0. " URI: '$uri'" if { [string tolower [HTTP::host]] starts_with "admin" } { log local0. " Match: host starts with 'admin'" pool pool1-http } elseif { $uri contains "/admin" } { log local0. " Match: uri contains '/admin'" pool pool1-http } elseif { $uri contains "/schedule" } { log local0. " Match: uri contains '/schedule'" pool pool1-http } else { log local0. " No match: redirect" HTTP::redirect https://[HTTP::host][HTTP::uri] return } }
chrismckean_190Hi Michael, Thank you for replying. I've set that Irule you pasted but it's still not working. I can see the host is being picked up as "admin.domain.com" but the redirect doesn't work. I can't seem to get the irule to pay any attention to what it see's in the hosts field unless I am redirecting any value in there and not specifying a specific host.
Mar 13 11:22:48 ltm10200-01 info tmm1[27462]: Rule /Production/test : Host: admin.domain.comAny ideas?
Cheers
Chris
- Michael_JenkinsUpdated the iRule above. Try that again. I added more logging. and copy the results to here, please.
- chrismckean_190Hi Michael, It still didn't work. It worked if I have /admin after the domain but did not work on domain alone. Below are the results Mar 13 12:19:08 ltm10200-01 info tmm7[27462]: Rule /Production/test_atm : Host: 'admin.domain.com' Mar 13 12:19:08 ltm10200-01 info tmm7[27462]: Rule /Production/test_atm : URI: '/admin' Mar 13 12:19:08 ltm10200-01 info tmm7[27462]: Rule /Production/test_atm : Match: host starts with 'admin' Mar 13 12:19:13 ltm10200-01 info tmm7[27462]: Rule /Production/test_atm : Host: 'admin.domain.com' Mar 13 12:19:13 ltm10200-01 info tmm7[27462]: Rule /Production/test_atm : URI: '/' Mar 13 12:19:13 ltm10200-01 info tmm7[27462]: Rule /Production/test_atm : Match: host starts with 'admin'
- Michael_JenkinsDo you have any other iRules or Local Traffic Policies associated with the VIP? From the logs, it looks like it's working, since the log shows it matching the host. If you have CLI access, can you run "tmsh list ltm virtual VIP_NAME" and copy your VIP config (sanitize as necessary).
nitassEmployee
If I go to the site it redirects to https.
may the redirect be done by server?
have you ever used http analyzer tool? it may be helpful.
HttpFox
https://addons.mozilla.org/en-us/firefox/addon/httpfox/- chrismckean_190Hi Michael, Really sorry to mess you about. I went and pressured our server guys to have a deep look into this and it looks like something is on the server. They swore there wasn't anything on there. Thanks for your help. I've at least learnt some lessons from this with regards to iRules. Cheers Chris
- Michael_JenkinsNo problem. I was thinking there had to be something else going on. Forgot to think about the web server :)
nitass_89166Noctilucent
If I go to the site it redirects to https.
may the redirect be done by server?
have you ever used http analyzer tool? it may be helpful.
HttpFox
https://addons.mozilla.org/en-us/firefox/addon/httpfox/- chrismckean_190Hi Michael, Really sorry to mess you about. I went and pressured our server guys to have a deep look into this and it looks like something is on the server. They swore there wasn't anything on there. Thanks for your help. I've at least learnt some lessons from this with regards to iRules. Cheers Chris
- Michael_JenkinsNo problem. I was thinking there had to be something else going on. Forgot to think about the web server :)
Hi Chris,
according to your virtual server configuration the virtual server and pools are located in an administrative partition. Please add the partition to the pool statements in the iRule (in case the pool1-http in not located in the /Common/ partition):{ pool /Production/pool1-http }Thanks, Stephan
