pedinopa_170325
Sep 22, 2016

irule redirection

I am trying to get the irule to redirect to a different default page. I have turned on logging, and it appears that for some reason, even though my client IP matches the condition in my if statement, when I use the client with that IP it skips down to the else clause and logs that it is not redirecting.

 

    when HTTP_REQUEST {
        if { ( [IP::addr [IP::client_addr] equals x.x.x.x]) } {
            if { [HTTP::uri] equals "/index.htm" } {
                log local0. "Client: [IP::client_addr]"
                HTTP::redirect "http://[getfield [HTTP::host] ":" 1]/index_new.htm"
            }
        } else {
            log local0. "not redirecting client: [IP::client_addr]"
        }
    }

 

7 Replies

  • Reformatted:

    when HTTP_REQUEST {
        if { ( [IP::addr [IP::client_addr] equals x.x.x.x]) } { 
            if { [HTTP::uri] equals "/index.htm" } { 
                log local0. "Client: [IP::client_addr]" 
                HTTP::redirect "http://[getfield [HTTP::host] ":" 1]/index_new.htm" 
            } 
        } else {
           log local0. "not redirecting client: [IP::client_addr]" 
        }
    }
    

    Although this isn't your issue, I will say that the IP::addr [IP::client_addr] ... construct is not needed. IP::client_addr evaluates to a string, so, if you're comparing it to a single host address, equals is sufficient.

    I recommend logging both the client address and the Request-URI before the logic. Also, you may wish to consider using HTTP::path rather than HTTP::uri. The latter would include, for example, any query parameters. So, you might try something like this:

    when HTTP_REQUEST {
        log local0. "Received request from ([IP::client_addr]) for ([HTTP::path])"
        if { [IP::client_addr] eq "x.x.x.x" and [HTTP::path] equals "/index.htm" } {
            log local0. "  .. match branch"
            HTTP::redirect "http://[getfield [HTTP::host] : 1]/index_new.htm"
        } else {
            log local0. "  .. miss branch"
        }
    }
    
  • I tried the above irule and it still skipped the if clause and went right to the else clause. I modified my irule to use a data group, but that isn't working much better.

     

    when HTTP_REQUEST {
        log local0. "Received request from ([IP::client_addr]) for ([HTTP::path])"
        if { ( [class match [IP::client_addr] equals Client-Redirect-DG]) } {
            log local0. "Client: [IP::client_addr]"
            if { [HTTP::uri] equals "/index.htm" } {
                log local0. "Redirecting client [IP::client_addr]"
                HTTP::redirect "http://[getfield [HTTP::host] ":" 1]/index_new.htm"
            } else {
                log local0. "not redirecting client: [IP::client_addr]"
            }
        }
    }

     


  • Vernon_97235
    Historic F5 Account

    class match is more manageable for larger sets of addresses, but it is not necessary for a single match. Something else is happening. You added the logging before the conditional. Would you kindly send the log results?

    • pedinopa_170325

      I want to ultimately use a data group. Here is a sample of what the log says:

       

      Sep 23 21:00:25 DC-PROD-LTM-01 info tmm3[16554]: Rule /DEV/Client-Redirect : not redirecting client: 10.50.192.220%1
      Sep 23 21:00:29 DC-PROD-LTM-01 info tmm[16554]: Rule /DEV/Client-Redirect : Received request from (10.50.192.220%1) for (/)
      Sep 23 21:00:29 DC-PROD-LTM-01 info tmm[16554]: Rule /DEV/Client-Redirect : Client: 10.50.192.220%1
      Sep 23 21:00:29 DC-PROD-LTM-01 info tmm[16554]: Rule /DEV/Client-Redirect : not redirecting client: 10.50.192.220%1
      Sep 23 21:00:38 DC-PROD-LTM-01 info tmm1[16554]: Rule /DEV/Client-Redirect : Received request from (10.50.192.220%1) for (/)
      Sep 23 21:00:38 DC-PROD-LTM-01 info tmm1[16554]: Rule /DEV/Client-Redirect : Client: 10.50.192.220%1
      Sep 23 21:00:38 DC-PROD-LTM-01 info tmm1[16554]: Rule /DEV/Client-Redirect : not redirecting client: 10.50.192.220%1
      Sep 23 21:01:12 DC-PROD-LTM-01 info tmm3[16554]: Rule /DEV/Client-Redirect : Received request from (10.50.192.220%1) for (/)
      Sep 23 21:01:12 DC-PROD-LTM-01 info tmm3[16554]: Rule /DEV/Client-Redirect : Client: 10.50.192.220%1
      Sep 23 21:01:12 DC-PROD-LTM-01 info tmm3[16554]: Rule /DEV/Client-Redirect : not redirecting client: 10.50.192.220%1

       

  • The issue is that you are using Route Domains. Notice that the client IP address is not 10.50.192.220 but rather 10.50.192.220%1 (meaning it's in route domain 1). Try this:

    when HTTP_REQUEST { 
        if { [class match [getfield [IP::client_addr] % 1] equals Client-Redirect-DG] and [HTTP::path] equals "/index.htm" } { 
            HTTP::redirect "http://[getfield [HTTP::host] ":" 1]/index_new.htm" 
        }
    } 
    

    or alter the match class membership to include the % part.
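
The comparison discussed in this thread, as an added example that is not part of any post and is not F5 code: a small Python triage script that reads "Received request from" log lines and reports, for each request, whether the address check or the path check would stop the redirect, with and without stripping the route-domain suffix. The `allowed` set is a hypothetical stand-in for the data group (exact string membership, not BIG-IP's `class match` implementation), and the sample log lines are constructed in the format quoted above.

```python
import ipaddress
import re

# Constructed sample lines in the format of the log output quoted in the thread.
SAMPLE_LOG = """\
Sep 23 21:00:29 DC-PROD-LTM-01 info tmm[16554]: Rule /DEV/Client-Redirect : Received request from (10.50.192.220%1) for (/)
Sep 23 21:00:38 DC-PROD-LTM-01 info tmm1[16554]: Rule /DEV/Client-Redirect : Received request from (10.50.192.220%1) for (/index.htm)
Sep 23 21:01:12 DC-PROD-LTM-01 info tmm3[16554]: Rule /DEV/Client-Redirect : Received request from (10.50.192.77) for (/index.htm)
"""

REQUEST_RE = re.compile(r"Received request from \((?P<client>[^)]+)\) for \((?P<path>[^)]*)\)")


def split_route_domain(client):
    """Split 'address%rd' into (ip_address, route_domain); no suffix means domain 0."""
    addr, _, rd = client.partition("%")
    return ipaddress.ip_address(addr), int(rd) if rd else 0


def decide(client, path, allowed, strip_rd, target="/index.htm"):
    """Model the iRule condition (assumption: exact string match); returns (redirect, reason)."""
    addr, rd = split_route_domain(client)
    candidate = str(addr) if strip_rd else client
    if candidate not in allowed:
        hint = f" (route domain {rd} suffix present)" if rd and not strip_rd else ""
        return False, f"address {candidate} not matched{hint}"
    if path != target:
        return False, f"path {path} is not {target}"
    return True, "redirect"


def triage(log_text, allowed):
    """Evaluate every logged request with the raw and the stripped comparison."""
    rows = []
    for m in REQUEST_RE.finditer(log_text):
        client, path = m["client"], m["path"]
        rows.append((client, path,
                     decide(client, path, allowed, strip_rd=False),
                     decide(client, path, allowed, strip_rd=True)))
    return rows


if __name__ == "__main__":
    for client, path, raw, stripped in triage(SAMPLE_LOG, {"10.50.192.220"}):
        print(f"{client:18} {path:12} raw={raw} stripped={stripped}")
```

Passing `{"10.50.192.220%1"}` as `allowed` with `strip_rd=False` models the other option from the last reply, where the data group entry carries the `%1` suffix.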