Forum Discussion
david78
Nimbostratus
Nimbostratusi lost my response :(
Hello guys,
i write a very simple irule for log.
TCP LOG
when CLIENT_ACCEPTED {
log local0. " - SYN CLIENT - [IP::client_addr]:[TCP::client_port] -> [IP::local_addr]:[TCP::local_port]"
}
when CLIENT_CLOSED {
log local0. " * FIN CLIENT * [IP::client_addr]:[TCP::client_port] -> [IP::local_addr]:[TCP::local_port]"
}
when SERVER_CONNECTED {
log local0. " - SYN SERVER - [serverside {IP::local_addr}]:[serverside {TCP::local_port}] -> [IP::server_addr]:[serverside {TCP::remote_port}]"
}
when SERVER_CLOSED {
log local0. " * FIN SERVER * [serverside {IP::local_addr}]:[serverside {TCP::local_port}] -> [IP::server_addr]:[serverside {TCP::remote_port}]"
}
HTTP LOG
when HTTP_REQUEST {
log local0. "HEADER Request Client => '[HTTP::header names]'"
}
when HTTP_REQUEST_RELEASE {
log local0. "HEADER Request Server => '[HTTP::header names]'"
}
when HTTP_RESPONSE {
log local0. "HEADER Response Server => '[HTTP::header names]'"
}
when HTTP_RESPONSE_RELEASE {
log local0. "HEADER Response Client => '[HTTP::header names]'"
}
My first access it's ok, i have all log :
Feb 1 10:40:33 tmm3 info tmm3[3511]: Rule /Common/test : - SYN CLIENT - 10.80.197.25:58067 -> 172.20.38.210:80
Feb 1 10:40:37 tmm2 info tmm2[3510]: Rule /Common/test : HEADER Request Client => 'Host Connection User-Agent Accept Accept-Encoding Accept-Language Accept-Charset clientless-mode'
Feb 1 10:40:37 tmm2 info tmm2[3510]: Rule /Common/test : - SYN SERVER - 172.20.36.204:58990 -> 10.68.215.21:80
Feb 1 10:40:37 tmm2 info tmm2[3510]: Rule /Common/test : HEADER Request Server => 'Host Connection User-Agent Accept Accept-Language Accept-Charset Client-IP Client-host If-Modified-Since Authorization'
Feb 1 10:40:37 tmm2 info tmm2[3510]: Rule /Common/test : HEADER Response Server => 'Server Date Connection Last-Modified Content-Type'
Feb 1 10:40:37 tmm2 info tmm2[3510]: Rule /Common/test : HEADER Response Client => 'Server Last-Modified Content-Type Accept-Ranges Connection Date Age Content-Length Set-Cookie Set-Cookie Vary'
Feb 1 10:40:43 tmm3 info tmm3[3511]: Rule /Common/test : * FIN CLIENT * 10.80.197.25:58067 -> 172.20.38.210:80
Feb 1 10:40:43 tmm2 info tmm2[3510]: Rule /Common/test : * FIN SERVER * 172.20.36.204:58990 -> 10.68.215.21:80
But, if i push F5 buton or i click on refres in my browser, i lost the header in response :Feb 1 10:41:40 tmm1 info tmm1[3509]: Rule /Common/test : - SYN CLIENT - 10.80.197.25:58077 -> 172.20.38.210:80
Feb 1 10:41:40 tmm2 info tmm2[3510]: Rule /Common/test : - SYN CLIENT - 10.80.197.25:58078 -> 172.20.38.210:80
Feb 1 10:41:40 tmm1 info tmm1[3509]: Rule /Common/test : HEADER Request Client => 'Host Connection Cache-Control User-Agent Accept Accept-Encoding Accept-Language Accept-Charset Cookie If-Modified-Since'
Feb 1 10:41:40 tmm1 info tmm1[3509]: Rule /Common/test : HEADER Response Client => ''
Feb 1 10:41:40 tmm1 info tmm1[3509]: Rule /Common/test : * FIN CLIENT * 10.80.197.25:58077 -> 172.20.38.210:80
Feb 1 10:41:50 tmm2 info tmm2[3510]: Rule /Common/test : * FIN CLIENT * 10.80.197.25:58078 -> 172.20.38.210:80
I have verified whith Wireshark, and i have one request and one response with all header. Someone can explain me where i'm wrong
- nitass
Employee
are you using ramcache or something like that? 
david78yes, i use ramcache. Do you have an idea ?- nitassi guess the request is not sent to server since it is served by ramcache.
- david78ok, i see.
thx for your help 
hoolioCirrostratus
You could add logging to the CACHE_RESPONSE event to see this:
http://devcentral.f5.com/wiki/iRules.cache_response.ashx
Aaron- david78yes, i see.
I will use CACHE::headers :)
thx
