For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

zhangyuyao_1600's avatar
zhangyuyao_1600
Icon for Nimbostratus rankNimbostratus
Aug 04, 2016

iRule can't execute the virtual command when using [clientside {TCP::local_port}]

There is an iRule below : when CLIENT_ACCEPTED { if {[IP::addr [IP::client_addr] equals 114.255.174.240] } { set Destination_Port [clientside {TCP::local_port}] if {($Destination...
application delivery
iRules
LTM
Kai_Wilke's avatar
Kai_Wilke
Icon for MVP rankMVP
Aug 04, 2016

Hi Zhangyuyao,

there is no need to switch into the client side context if you are already in the client side context. Using the 

[clientside]
/ 
[serverside]
command is just required in those usecases where you need to execute client side command in the server side context or a serverside command in the client side...

Try the irule below... it should be able to query the local portnumber and perform the 

[pool]
/ 
[virtual]
routing decission based on it. 

when CLIENT_ACCEPTED {  
    if { [IP::addr [IP::client_addr] equals 114.255.174.240] } then {
        if { ([TCP::local_port] >= 10069) and ([TCP::local_port] <= 10124) } then {      
            virtual VS_4809_Troubleshooting_443
        } elseif { ([TCP::local_port] >= 11069) and ([TCP::local_port] <= 11124) } then {
            virtual VS_4809_Troubleshooting_80
        } else { 
            pool pool_4809_Troubleshooting_443
        }
    }
}

Note: You can still issue the 

[clientside { TCP::local_port }]
command, but there is really no need to do so in the 
CLIENT_ACCEPTED
event.

Cheers, Kai