Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Donovan_Price_1's avatar
Donovan_Price_1
Icon for Nimbostratus rankNimbostratus
16 years ago

Irule for Universal Persistance Using a Header Value

Hi     I have created the Irule that reads the value of MySessionId from the header I have removed the logging entries from below to make it simpler what I see is the following: the MySessi...
application delivery
dev
devops
irules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
16 years ago
Hi Don,

Can you try adding some logging, reproduce the issue and post the anonymized log entries from /var/log/ltm? 

 
 when HTTP_REQUEST { 
  
    set Sid [HTTP::header value "MySessionId"] 
    log local0. "[IP::client_addr]:[TCP::client_port]: \$Sid: $Sid" 
    if { $Sid != "" }{ 
       set value [persist lookup uie $Sid] 
       log local0. "[IP::client_addr]:[TCP::client_port]: \$value: $value" 
       if { $value != ""}{ 
          persist uie $Sid 
       } 
    } 
 } 
 when PERSIST_DOWN { 
  
    log local0. "[IP::client_addr]:[TCP::client_port]" 
 } 
 when SERVER_CONNECTED { 
  
    log local0. "[IP::client_addr]:[TCP::client_port]: [IP::server_addr]:[TCP::server_port]" 
 }

Also, when you say the app inserts a header in the requests, how does this happen? Is the client a standard browser? I didn't think a server could force a client to insert an arbitrary HTTP header in a request.

Thanks,

Aaron