Forum Discussion

Garrett_Skjelst
Apr 23, 2009

iRule questions maybe easy, maybe hard?

Soo..


A few months ago I inherited 5 F5s spread across a few labs. This is the first time I've had to code an iRule for them (much less seen one!), and they are a little odd.


I'm attempting to code an iRule that accepts a client certificate for a specific URI and denies others. I have found MANY examples on Dev and cobbled together something that will work for me. In designing this iRule I came across some questions regarding syntax and perhaps some basic how-tos that I can't seem to find anywhere. Hopefully someone here can help! =)


Anyway, onward to the questions! And you will have to excuse me if the questions are a little 'lacking', I'm new at this =)


1) I'm attempting to print the status of a current setting out of the configuration. Is this possible? E.g. I would like to print out the current state of [SSL::cert mode] (whether it be require/request/auto/ignore). How could I convert it to a string so it's loggable?


2) From my limited experience, changing the SSL::cert mode on the fly seems to be broken? I'm following the guide on this page http://devcentral.f5.com/Wiki/default.aspx/iRules/SSL__renegotiate.html and while it makes sense, it doesn't actually appear to be working? Is there a place where I could actually *see* the steps (tail a log file?) this is taking, so I can start troubleshooting that handshake?


3) Is there a way to actually interact with the file system using iRules? Say, to print to or read from a file, or to do some sort of comparison?


4) I'm finding that I'm having issues with my clients' SSL caching on the browser side. Is using SSL::renegotiate and SSL::session invalidate the best way to handle this?


5) Can anyone recommend any books/materials/user groups/mailing lists?


Thanks in advance to anyone that can provide some insight on these things. I'll see you around the community!

-Garrett


  • First off, welcome to the community!


    1) Status is from [SSL::mode]; it returns 0 or 1 and is contextual to client/server side events.


    2) You can add log statements to all the events that trigger for your particular rule and trap SSL::mode. You can also use ssldump as appropriate.


    3) No, but you can store what you need in a class (datagroup in the GUI) and do your comparisons against that.


    4) Not sure on this one, I don't have much background in SSL.


    5) For all things F5, this is a very active community, so I'd recommend hanging out here!
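An added example (not from either poster) that puts points 2 and 3 of the reply together with the original goal: the URIs that need a client certificate are kept in a data group rather than hard-coded, and every event in the flow logs what it sees so the renegotiation can be followed in /var/log/ltm. It assumes a string data group named cert_required_uris, a client SSL profile whose client certificate mode starts at "ignore", and the v10-style `class match` command (on v9 the equivalent is `matchclass`).

```tcl
# Added example, not from the thread. Assumes a string data group (class)
# named cert_required_uris holding URI prefixes such as /secure/ and /admin/,
# and a client SSL profile that starts with client cert mode "ignore".

when HTTP_REQUEST {
    # Compare the request URI against the data group (v10+ syntax; v9 uses matchclass)
    if { [class match [HTTP::uri] starts_with cert_required_uris] } {
        if { [SSL::cert count] > 0 } {
            # A certificate is already on the connection; log who it is and let it through
            log local0. "[IP::client_addr] -> [HTTP::uri]: cert present, subject=[X509::subject [SSL::cert 0]]"
        } else {
            # Hold the request, switch the profile to require a cert and renegotiate.
            # The connection-scoped variable lets CLIENTSSL_HANDSHAKE tell this
            # renegotiation apart from the initial handshake.
            log local0. "[IP::client_addr] -> [HTTP::uri]: no cert, renegotiating"
            set renegotiating 1
            HTTP::collect
            SSL::cert mode require
            SSL::renegotiate
        }
    } else {
        log local0. "[IP::client_addr] -> [HTTP::uri]: cert not required"
    }
}

when CLIENTSSL_HANDSHAKE {
    # Fires after every handshake on the client side, including the one forced above
    log local0. "handshake complete for [IP::client_addr], cert count=[SSL::cert count]"
    if { [info exists renegotiating] } {
        unset renegotiating
        if { [SSL::cert count] > 0 } {
            log local0. "renegotiation supplied cert, subject=[X509::subject [SSL::cert 0]]"
            HTTP::release
        } else {
            # Should not be reached with mode "require", but never release the held request without a cert
            log local0. "renegotiation completed without a cert for [IP::client_addr], rejecting"
            reject
        }
    }
}
```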