Forum Discussion

Nimbostratus

Nov 24, 2008

iRule for Http redirect

I have defined a irule to forward http request to be converted as https. But when any https request to the same server is not being forwarded. This is the irule when HTTP_REQUEST { ...

Cirrostratus

Nov 25, 2008

Hi Raj,

If you have an 'any port' virtual server that can receive HTTP and HTTPS traffic you can add a client SSL profile and then disable it for requests to an HTTPS port. Assuming you have a pool defined on port 0 (any), you can use a rule like this:

 
 when CLIENT_ACCEPTED { 
  
     Check the requested port 
    switch [TCP::local_port] { 
       80 { 
           HTTP request, redirect to HTTPS using the same URI 
  
           Check if Host header value has a length 
          if {[string length [HTTP::host]]}{ 
  
              Redirect to the requested host and URI (minus the port if specified) 
             HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri] 
  
          } else { 
  
              Redirect to VIP's IP address 
             HTTP::redirect https://[IP::local_addr][HTTP::uri] 
          } 
       } 
       443 { 
           HTTPS request.  Disable client SSL profile to prevent decryption 
          SSL::disable 
       } 
       default { 
           Request to undefined port.  Take some default action? 
  
   Send a reset? 
           reject 
  
   Drop the request? 
           drop 
       } 
    } 
 }

If this doesn't work as you'd expect for your scenario, you can add debug logging to determine what's happening.

Aaron

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)