jplopezy_118145
Nov 22, 2013

IRULE: APP CRASH AFTER HTTP_RESPONSE WHEN DISPLAY VARIABLE

Dear, I have a problem with an iRule.

The problem happens when http_request from which checks if a login is valid or invalid a variable that is in memory that was allocated from a HTTP_REQUEST_DATA sets.

F5 ASM 10.4 - HF 3 😞

What happens is the page stops responding.

I attached an example for you to give me your opinion.

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

when RULE_INIT {
    set static::conn_debug 0
}

when HTTP_RESPONSE {
    log local0. " here is the crash $usuario"
}

when HTTP_REQUEST {
    set login_request 0

    if { [HTTP::uri] starts_with "/app" && [HTTP::method] eq "POST" } {
        HTTP::header remove "Accept-Encoding"

        if { [HTTP::version] eq "1.1" } {
            if { [HTTP::header is_keepalive] } { HTTP::header replace "Connection" "Keep-Alive" }
            HTTP::version "1.0"
        }

        # Collect at most 1 MB of the POST body
        if { [HTTP::header exists "Content-Length"] && [HTTP::header "Content-Length"] < 1048577 } {
            set content_length [HTTP::header "Content-Length"]
        } else {
            set content_length 1048576
        }
        if { $content_length > 0 } {
            HTTP::collect $content_length
        }

        set login_request 1
    }
}

when HTTP_REQUEST_DATA {
    if { $login_request == 1 } {
        if { [URI::query "?[HTTP::payload]" exe] equals "exe" } {
            # Variable that is later read in HTTP_RESPONSE
            set usuario [URI::query "?[HTTP::payload]" userne]

            if { [string tolower $usuario] equals "validuser" } {
                log local0. "allow"
            } elseif { [string tolower $usuario] starts_with "a" } {
                TCP::close
                log local0. "Block"
            } else {
                set login_request 0
            }

            HTTP::release
        }
    }
}

9 Replies

  • Hum! You have to explain what you want to do. Login something but? Your script needs to understand what you want? And maybe you don't have to look into the payload.

     

  • The iRule makes a record of 4 types:

     

    1 - Income from whitelist
    2 - Gross income from blacklist
    3 - Successful Income (indifferent if in any list)
    4 - failed Income (indifferent if in any list)

     

    The problem is when I want to use a variable that is hosted in the memory response, the application does not work there.

     

    If the response is empty, it works.

     

  • when RULE_INIT {
        set static::conn_debug 0
    }

    when HTTP_REQUEST {
        set login_request 0
        set usuario "NO"

        log local0. "Enter HTTP_REQUEST [HTTP::path]"

        if { [HTTP::path] starts_with "/app" && [HTTP::method] eq "POST" } {
            HTTP::header remove "Accept-Encoding"

            if { [HTTP::version] eq "1.1" } {
                if { [HTTP::header is_keepalive] } {
                    HTTP::header replace "Connection" "Keep-Alive"
                }
                HTTP::version "1.0"
            }

            if { [HTTP::header exists "Content-Length"] && [HTTP::header "Content-Length"] < 1048577 } {
                set content_length [HTTP::header "Content-Length"]
            } else {
                set content_length 1048576
            }
            if { $content_length > 0 } {
                HTTP::collect $content_length
            }

            set login_request 1
        }
    }

    when HTTP_REQUEST_DATA {
        log local0. "Enter HTTP_REQUEST_DATA [$login_request]"
        if { $login_request == 1 } {
            if { [URI::query "?[HTTP::payload]" exe] equals "exe" } {
                set usuario [URI::query "?[HTTP::payload]" userne]

                if { $::usuario != "" } {
                    if { [string tolower $usuario] equals "validuser" } {
                        log local0. "allow"
                    } elseif { [string tolower $usuario] starts_with "a" } {
                        TCP::close
                        log local0. "Block"
                    } else {
                        set login_request 0
                    }
                }

                HTTP::release
            }
        }
        log local0. "Exit HTTP_REQUEST_DATA"
    }

    when HTTP_RESPONSE {
        log local0. " here is the crash $usuario"
    }

  • I would also add that a URI query is not in an HTTP payload, and wouldn't need an HTTP::collect operation. A URI query value is in the URI itself, so you could extract it directly from within HTTP_REQUEST. Example URI query:

    GET /foo/bar?exe=test&userne=bob
    
  • Christian Bacon,

     

    This happened with your iRule:

     

    Nov 26 10:10:26 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : Enter HTTP_REQUEST /crm/start.swe
    Nov 26 10:10:26 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : here is the crash NO
    Nov 26 10:10:26 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : Enter HTTP_REQUEST /crm/19251/scripts/swecommon_top.js
    Nov 26 10:10:26 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : here is the crash NO
    Nov 26 10:10:27 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : Enter HTTP_REQUEST /crm/19251/scripts/swecommon.js
    Nov 26 10:10:27 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : Enter HTTP_REQUEST /crm/19251/scripts/swecmn_hi.js
    Nov 26 10:10:27 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : Enter HTTP_REQUEST /crm/files/main.css
    Nov 26 10:10:27 local/tmm1 info tmm1[5047]: Rule Irule-SIEBEL-TESTING : Enter HTTP_REQUEST /crm/19251/scripts/swecmn_hi_top.js
    Nov 26 10:10:27 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : here is the crash NO
    Nov 26 10:10:27 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : here is the crash NO
    Nov 26 10:10:27 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : here is the crash NO
    Nov 26 10:10:27 local/tmm1 info tmm1[5047]: Rule Irule-SIEBEL-TESTING : Enter HTTP_REQUEST /crm/19251/scripts/login.js
    Nov 26 10:10:27 local/tmm1 info tmm1[5047]: Rule Irule-SIEBEL-TESTING : here is the crash NO
    Nov 26 10:10:27 local/tmm1 info tmm1[5047]: Rule Irule-SIEBEL-TESTING : here is the crash NO
    Nov 26 10:10:27 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : Enter HTTP_REQUEST /crm/images/logo77.gif
    Nov 26 10:10:27 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : Enter HTTP_REQUEST /crm/images/globe77_d.gif
    Nov 26 10:10:27 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : Enter HTTP_REQUEST /crm/images/spacer.gif
    Nov 26 10:10:27 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : here is the crash NO
    Nov 26 10:10:27 local/tmm1 info tmm1[5047]: Rule Irule-SIEBEL-TESTING : Enter HTTP_REQUEST /crm/images/login77_d.gif
    Nov 26 10:10:27 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : here is the crash NO
    Nov 26 10:10:27 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : here is the crash NO
    Nov 26 10:10:27 local/tmm1 info tmm1[5047]: Rule Irule-SIEBEL-TESTING : here is the crash NO
    Nov 26 10:10:30 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : Enter HTTP_REQUEST /crm/start.swe
    Nov 26 10:10:30 local/tmm err tmm[5045]: 01220001:3: TCL error: Irule-SIEBEL-TESTING - invalid command name "1" while executing "$login_request"
    Nov 26 10:10:30 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : Enter HTTP_REQUEST /crm/start.swe
    Nov 26 10:10:30 local/tmm err tmm[5045]: 01220001:3: TCL error: Irule-SIEBEL-TESTING - invalid command name "1" while executing "$login_request"
    Nov 26 10:10:30 local/tmm1 info tmm1[5047]: Rule Irule-SIEBEL-TESTING : Enter HTTP_REQUEST /crm/start.swe
    Nov 26 10:10:30 local/tmm1 err tmm1[5047]: 01220001:3: TCL error: Irule-SIEBEL-TESTING - invalid command name "1" while executing "$login_request"
    Nov 26 10:10:30 local/tmm1 info tmm1[5047]: Rule Irule-SIEBEL-TESTING : Enter HTTP_REQUEST /crm/start.swe
    Nov 26 10:10:30 local/tmm1 err tmm1[5047]: 01220001:3: TCL error: Irule-SIEBEL-TESTING - invalid command name "1" while executing "$login_request"
    Nov 26 10:10:30 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : Enter HTTP_REQUEST /crm/start.swe
    Nov 26 10:10:30 local/tmm err tmm[5045]: 01220001:3: TCL error: Irule-SIEBEL-TESTING - invalid command name "1" while executing "$login_request"
    Nov 26 10:10:30 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : Enter HTTP_REQUEST /crm/start.swe
    Nov 26 10:10:30 local/tmm err tmm[5045]: 01220001:3: TCL error: Irule-SIEBEL-TESTING - invalid command name "1" while executing "$login_request"
    Nov 26 10:10:30 local/tmm info tmm[5045]: Rule Irule-SIEBEL-TESTING : Enter HTTP_REQUEST /crm/start.swe
    Nov 26 10:10:30 local/tmm err tmm[5045]: 01220001:3: TCL error: Irule-SIEBEL-TESTING - invalid command name "1" while executing "$login_request"

     

  • NICE, the solution is the iRule of Kevin Stewart.

     

    I get all from HTTP_REQUEST and removed the collector. All works; if you want the iRule, I can post it!

     

    Regards! - RESOLVED
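
The approach the thread settles on (read the query parameters in HTTP_REQUEST, drop the collect), sketched as an added example. It is not the poster's final iRule, which was never posted, and it assumes exe and userne are sent in the URI query string; login_result is a hypothetical variable name.

```tcl
# Added example (not from the thread). Assumes exe and userne arrive in the
# request URI query string, e.g. POST /app?exe=exe&userne=bob (constructed).
when HTTP_REQUEST {
    # iRule variables are scoped to the connection, so reset them on every
    # request; HTTP_RESPONSE then never reads an unset or stale value.
    set usuario ""
    set login_result "none"

    if { [HTTP::path] starts_with "/app" && [HTTP::method] eq "POST" } {
        # The query string is part of the URI: no HTTP::collect,
        # HTTP_REQUEST_DATA or HTTP::release is needed to read it.
        if { [URI::query [HTTP::uri] exe] equals "exe" } {
            set usuario [string tolower [URI::query [HTTP::uri] userne]]

            if { $usuario equals "validuser" } {
                set login_result "allow"
            } elseif { $usuario starts_with "a" } {
                set login_result "block"
                log local0. "Block login for $usuario"
                # Same action as the original rule; no response will follow.
                TCP::close
                return
            } else {
                set login_result "other"
            }
        }
    }
}

when HTTP_RESPONSE {
    # Log only login requests. Write $var, not [$var]: square brackets run
    # the value as a command ("invalid command name" in the log above).
    if { $login_result ne "none" } {
        log local0. "login user=$usuario result=$login_result status=[HTTP::status]"
    }
}
```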