Forum Discussion
John_Masgalas_4
Nimbostratus
Jan 30, 2009
iRule modification - rdp
I currently use the below iRule with our Terminal Services pool. It strips everything after the "@" in the username so that the persistence entry is only the username. I would like to modify it so that usernames that are entered in the form "domain\username" are also entered in the table with just the username. In other words I would like the iRule to strip out everything before the "/". How would I do this? Can someone help?
when CLIENT_ACCEPTED {
    TCP::collect
}
when CLIENT_DATA {
    TCP::collect 25
    binary scan [TCP::payload] x11a* msrdp
    log local0. "Contents after binary scan: $msrdp"
    if { [string equal -nocase -length 17 $msrdp "cookie: mstshash="] } {
        set msrdp [string range $msrdp 17 end]
        set len [string first "\n" $msrdp]
        if { $len == -1 } {
            TCP::collect
            return
        }
        if { $msrdp contains "@" } {
            if { $len > 5 } {
                incr len -1
                log local0. "Data Persisting on: [getfield $msrdp "@" 1]"
                persist uie [getfield $msrdp "@" 1] 10800
            }
        } else { persist uie $msrdp 10800 }
    }
    TCP::release
}
17 Replies
- hoolio
Cirrostratus
Thanks for that.
If the original string has two backslashes, then you'd need to use four for getfield. The first and third slashes escape the second and fourth.
[getfield $msrdp "\\\\" 2]
You could try something like this which assumes that the msrdp string won't have both an @ and backslashes. It also handles one backslash:
if { $msrdp contains "@" } {
    log local0. "Data Persisting on: [getfield $msrdp "@" 1]"
    persist uie [getfield $msrdp "@" 1] 10800
} elseif { $msrdp contains "\\\\" } {
    log local0. "Data Persisting on: [getfield $msrdp "\\\\" 2]"
    persist uie [getfield $msrdp "\\\\" 2] 10800
} elseif { $msrdp contains "\\" } {
    log local0. "Data Persisting on: [getfield $msrdp "\\" 2]"
    persist uie [getfield $msrdp "\\" 2] 10800
} else {
    persist uie $msrdp 10800
    log local0. "Data Persisting on: $msrdp"
}
Aaron
- John_Masgalas_4
Nimbostratus
So how would that incorporate into my entire iRule? Which parts would I keep and which would I change?
- hoolio
Cirrostratus
Can you try this?
when CLIENT_ACCEPTED {
    TCP::collect
}
when CLIENT_DATA {
    TCP::collect 25
    binary scan [TCP::payload] x11a* msrdp
    log local0. "Contents after binary scan: $msrdp"
    if { [string equal -nocase -length 17 $msrdp "cookie: mstshash="] } {
        set msrdp [string range $msrdp 17 end]
        set len [string first "\n" $msrdp]
        if { $len == -1 } {
            TCP::collect
            return
        }
        if { $msrdp contains "@" } {
            log local0. "Data Persisting on: [getfield $msrdp "@" 1]"
            persist uie [getfield $msrdp "@" 1] 10800
        } elseif { $msrdp contains "\\\\" } {
            log local0. "Data Persisting on: [getfield $msrdp "\\\\" 2]"
            persist uie [getfield $msrdp "\\\\" 2] 10800
        } elseif { $msrdp contains "\\" } {
            log local0. "Data Persisting on: [getfield $msrdp "\\" 2]"
            persist uie [getfield $msrdp "\\" 2] 10800
        } else {
            persist uie $msrdp 10800
            log local0. "Data Persisting on: $msrdp"
        }
    }
    TCP::release
}
I'm not sure I understand why the length was being decremented by 1 if $len is greater than 5. Citizen, can you elaborate on this?
Thanks,
Aaron
- John_Masgalas_4
Nimbostratus
It seems that with this rule it persists the value but as separate entries. Also the stripping everything before \ is not creating a persistence table entry. When I ssh to our F5 here is what the output of b persist show all | grep doctest is:
[root@bigbrother:Active] config b persist show all | grep doctest
Mode: universal Value: doctest
Mode: universal Value: doctest
[root@bigbrother:Active] config
Here is the log file:
Feb 6 13:01:45 tmm tmm[31729]: Rule ssotest2 : Contents after binary scan: Cookie: mstshash=doctest
Feb 6 13:01:45 tmm tmm[31729]: Rule ssotest2 : Data Persisting on: doctest
Feb 6 13:02:31 tmm tmm[31729]: Rule ssotest2 : Contents after binary scan: Cookie: mstshash=doctest@Summithealth.local
Feb 6 13:02:31 tmm tmm[31729]: Rule ssotest2 : Data Persisting on: doctest
Feb 6 13:05:54 tmm tmm[31729]: Rule ssotest2 : Contents after binary scan: Cookie: mstshash=chbghosp\
Feb 6 13:05:54 tmm tmm[31729]: Rule ssotest2 : Data Persisting on:
- JRahm
Admin
@Hoolio, if I recall correctly the len variable includes the "=", so it is decremented to remove the additional character that would otherwise be included in the persist string.
- John_Masgalas_4
Nimbostratus
Hey guys,
I got it to work. Here is the iRule as I have it:
when CLIENT_ACCEPTED {
    TCP::collect
}
when CLIENT_DATA {
    TCP::collect 25
    # Skip the first 11 bytes of the payload and read the rest as a string
    binary scan [TCP::payload] x11a* msrdp
    log local0. "Contents after binary scan: $msrdp"
    if { [string equal -nocase -length 17 $msrdp "cookie: mstshash="] } {
        # Drop the 17-character "cookie: mstshash=" prefix
        set msrdp [string range $msrdp 17 end]
        set len [string first "\n" $msrdp]
        if { $len == -1 } {
            # No line terminator yet: collect more data and wait
            TCP::collect
            return
        }
        if { $msrdp contains "@" } {
            # username@domain form: keep the part before the "@"
            log local0. "Setting data to: [getfield $msrdp "@" 1]"
            set username [getfield $msrdp "@" 1]
        } elseif { $msrdp contains "\\" } {
            # domain\username form: take field 3 when splitting on a backslash
            log local0. "Setting data to: [getfield $msrdp "\\" 3]"
            set username [getfield $msrdp "\\" 3]
        } else {
            set username $msrdp
            log local0. "Setting data to: $msrdp"
        }
        # Lower-case and trim so every form of the login maps to one key
        set finalusername [string tolower $username]
        set finalusername [string trim $finalusername]
        log local0. "User Being Persisted is: |$finalusername|"
        persist uie $finalusername 10800
    }
    TCP::release
}
The only thing is that 9 character limit. I know this is an MS TS limitation but is there a way around it? Thanks for all your input and help though. You have steered me in the right direction!
- nathe
Cirrocumulus
Hi all, thought I'd add something to the mix here, mainly for information purposes in case anyone else is in my boat - although if anyone does have a nugget of info then that would be great.
I'm on LTM v9.0.x - thought this iRule would save the day but doesn't look like it works with this old code. Out of the 3 possible login situations username, username@company.org and domain\username, the only one it worked for was the username@company.org login type. The other 2 produced 2 persistence entries for one login and looking as follows: either username r??!???? or domain r??!??? (or some gobbledygook like that). In addition the persistence was not 100%.
One day I'll be given shiny new v10 appliances......until then.
N
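The cookie handling discussed in this thread, as an added example that is not part of any post above: a plain Tcl proc (runnable in tclsh, not an iRule) that cuts the mstshash value at the CR LF line terminator before normalizing it, so bytes that follow the cookie line never reach the persistence key, and that returns an empty string when no username is left. The proc name rdp_persist_key, the placeholder header and the trailing bytes are assumptions constructed for the example.

```tcl
# Added example, not code from the thread. rdp_persist_key is a hypothetical name.
# Returns the bare lower-case username from an RDP connection request payload,
# or "" when the payload carries no usable username.
proc rdp_persist_key {payload} {
    # Same layout the thread's rule assumes: skip 11 header bytes, keep the rest.
    if {[binary scan $payload x11a* rest] != 1} { return "" }
    set prefix "cookie: mstshash="
    set plen [string length $prefix]
    if {![string equal -nocase -length $plen $rest $prefix]} { return "" }
    set value [string range $rest $plen end]

    # Cut at the line terminator so bytes after the cookie never reach the key.
    set eol [string first "\r\n" $value]
    if {$eol == -1} { return "" }   ;# cookie line incomplete: collect more data
    set value [string range $value 0 [expr {$eol - 1}]]

    # user@domain -> user
    set at [string first "@" $value]
    if {$at != -1} { set value [string range $value 0 [expr {$at - 1}]] }

    # domain\user (one or more backslashes) -> user
    set bs [string last "\\" $value]
    if {$bs != -1} { set value [string range $value [expr {$bs + 1}] end] }

    return [string tolower [string trim $value]]
}

# Constructed sample input: placeholder header, cookie line, trailing bytes.
set hdr  [binary format x11]                  ;# 11 placeholder header bytes
set tail [binary format H* 0100080003000000]  ;# constructed bytes after the cookie line
set samples [list doctest doctest@Summithealth.local "chbghosp\\doctest" "chbghosp\\"]
foreach cookie $samples {
    set key [rdp_persist_key "${hdr}Cookie: mstshash=${cookie}\r\n${tail}"]
    puts [format "%-28s -> |%s|" $cookie $key]
}
```

In an iRule, an empty result would mean skipping persist uie for that connection instead of persisting on an empty key.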
