iRule redirect with URL masking and URI rewrite

Hi,

I am looking for a iRule to do a URL redirection and also appending a URI to the redirected URL. The redirected URL should be masked so that the client will not see that in the address bar.

The iRule I tried is given below. Which didn't work. Do I need to create a pool and add the server (myserver01:9001) to it?.

The url loads fine from the server when I browse it from the LAN network

when HTTP_REQUEST { if { (([HTTP::host] contains "buyer.abc.com") and ([HTTP::uri] equals "/" )) }{ HTTP::redirect } }

Hi,

You can't achieve what you are expecting without using iframes. But I strongly discourage you to use them for security reasons.

You can instead redirect to a relative path and then forward the request to the correct backend server :

when HTTP_REQUEST { 

    if { [HTTP::host] contains "buyer.abc.com" and [HTTP::path] eq "/" } {
        HTTP::redirect "/apm/rest/MOBILITY/authService/1.0" 
        return
    }
    if {[HTTP::host] contains "buyer.abc.com" and [HTTP::path] eq "/apm/rest/MOBILITY/authService/1.0"} {
        node myserver01 9001
        return 
    }
}

36 Replies

Yann_Desmarest_
Nacreous
Aug 09, 2017
Hi,

You can't achieve what you are expecting without using iframes. But I strongly discourage you to use them for security reasons.

You can instead redirect to a relative path and then forward the request to the correct backend server :

`

when HTTP_REQUEST { if { [HTTP::host] contains "buyer.abc.com" and [HTTP::path] eq "/" } { HTTP::redirect "/apm/rest/MOBILITY/authService/1.0" return } if {[HTTP::host] contains "buyer.abc.com" and [HTTP::path] eq "/apm/rest/MOBILITY/authService/1.0"} { node myserver01 9001 return } }

`
- krmidhun_323560
  Nimbostratus
  Aug 09, 2017
  Thanks Yann for the prompt response. I am a newbie to iRuling. So isn't it just possible to redirect https://buyer.abc.com to without using a pool or node in the backend and let the redirection itself take care of the traffic getting forwarded to the server.
  
  Another thought is that can we use the pool instead of node while using the relative path method?
- Yann_Desmarest_
  Nacreous
  Aug 09, 2017
  Redirecting the user mean that the browser will issue a request to the provided URL.
  
  If the URL is absolute, the browser will issue a request to myserver01 on tcp port 9001.
  
  If myserver01 resolve a virtual server IP, then the request will go through the Bigip.
  
  otherwise, the request will be issued to the backend server without reaching the bigip.
  
  You can also use the pool command instead of node.
  
  Hope it help
- krmidhun_323560
  Nimbostratus
  Aug 10, 2017
  Hi Yann,
  
  This one worked fine and I was able to map the virtual server instead of the node. However the issue is that the subsequent URIs are not working after the first page is loaded fine. So I removed the redirection part and configured the following iRule to send the traffic directly to the virtual server.
  
  As the initial request comes on port 443, I created a virtual server with port 443 and called the following iRule without adding any pool to it. Also configured another virtual server with port 9001 and added pool with member listening on port 9001. However this doesn't work for some reason
  
  when HTTP_REQUEST {
  
  if { [HTTP::host] contains "buyer.abc.com" and [HTTP::path] eq "/" } { virtual buyer_vs_9001 return }
Yann_Desmarest
Cirrus
Aug 09, 2017
Hi,

You can't achieve what you are expecting without using iframes. But I strongly discourage you to use them for security reasons.

You can instead redirect to a relative path and then forward the request to the correct backend server :

`

when HTTP_REQUEST { if { [HTTP::host] contains "buyer.abc.com" and [HTTP::path] eq "/" } { HTTP::redirect "/apm/rest/MOBILITY/authService/1.0" return } if {[HTTP::host] contains "buyer.abc.com" and [HTTP::path] eq "/apm/rest/MOBILITY/authService/1.0"} { node myserver01 9001 return } }

`
- krmidhun_323560
  Nimbostratus
  Aug 09, 2017
  Thanks Yann for the prompt response. I am a newbie to iRuling. So isn't it just possible to redirect https://buyer.abc.com to without using a pool or node in the backend and let the redirection itself take care of the traffic getting forwarded to the server.
  
  Another thought is that can we use the pool instead of node while using the relative path method?
- Yann_Desmarest
  Cirrus
  Aug 09, 2017
  Redirecting the user mean that the browser will issue a request to the provided URL.
  
  If the URL is absolute, the browser will issue a request to myserver01 on tcp port 9001.
  
  If myserver01 resolve a virtual server IP, then the request will go through the Bigip.
  
  otherwise, the request will be issued to the backend server without reaching the bigip.
  
  You can also use the pool command instead of node.
  
  Hope it help
- krmidhun_323560
  Nimbostratus
  Aug 10, 2017
  Hi Yann,
  
  This one worked fine and I was able to map the virtual server instead of the node. However the issue is that the subsequent URIs are not working after the first page is loaded fine. So I removed the redirection part and configured the following iRule to send the traffic directly to the virtual server.
  
  As the initial request comes on port 443, I created a virtual server with port 443 and called the following iRule without adding any pool to it. Also configured another virtual server with port 9001 and added pool with member listening on port 9001. However this doesn't work for some reason
  
  when HTTP_REQUEST {
  
  if { [HTTP::host] contains "buyer.abc.com" and [HTTP::path] eq "/" } { virtual buyer_vs_9001 return }

Forum Discussion

iRule redirect with URL masking and URI rewrite

36 Replies

Recent Discussions

Disk space full - what files, folders are safe to delete?

ASM instance creation

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

Related Content

F5 ADC - url rewrite redirect with parsing

Response port masking

Rewrite HTTP Redirect Hostname

Rewriting iRules...LIVE!

Redirect rewrite iRule