Forum Discussion
Mojdeh_Koushki_
Nimbostratus
NimbostratusiRule Script in Ver 9 is not functioning
hello
here is my problem, i have a set of bigip for bunch of web farm on ver 4.5.10, which i have this iRule for it and it is functioning Very Well...
if (getfield(http_uri, '/', 2) matches_regex "[Ww][Ee][Bb][Aa][Pp][Pp]") {
redirect to "https://%h/%u"
}
else {
use pool WebApp-50
}
and now we are upgrading to version 9 and compatable iRule for version 9 is COMPILING but NOT FUNCTIONING ...
here is the script...
when HTTP_REQUEST {
if { [string tolower [getfield [HTTP::uri] '/' 2]] == "webapp" } {
HTTP::redirect "https://[HTTP::host][HTTP::uri]"
} else {
pool POOL_HTTP_Vlan70
}
}could you please tell me WHY?
thanks alot
Mojdeh
51 Replies
Mojdeh_Koushki_i did 4 tests , one was the first script you were suggesting
second was your script with tcp port add in if statment
third was i added pool pool_Vlan70 at the end of first part of if statment
4th was pool pool_Vlan70 and the end of sentence before final close bracket- Mojdeh_Koushki_sorry!
here is your script:
when HTTP_REQUEST { set uri [string tolower [HTTP::uri]] if { (($uri starts_with "/webnav") or ($uri starts_with "/webapp")) and ([TCP::local_port] == 80) } { log local0. "URI matches, and Port matches, redirecting to HTTPS" HTTP::redirect "https://[HTTP::host][HTTP::uri]" } else { log local0. "No match, forwarding to the pool" pool POOL_HTTP_Vlan70 }}
here is the log for running this script:
Oct 17 18:23:10 tmm tmm[628]: Rule coline : No match, forwarding to the pool
Oct 17 18:23:10 tmm tmm[628]: Rule coline : No match, forwarding to the pool
Oct 17 18:23:10 tmm tmm[628]: Rule coline : No match, forwarding to the pool
Oct 17 18:23:10 tmm tmm[628]: Rule coline : No match, forwarding to the pool
Oct 17 18:23:10 tmm tmm[628]: Rule coline : No match, forwarding to the pool
Oct 17 18:23:10 tmm tmm[628]: Rule coline : No match, forwarding to the pool
Oct 17 18:23:10 tmm tmm[628]: Rule coline : No match, forwarding to the pool
Oct 17 18:23:10 tmm tmm[628]: Rule coline : No match, forwarding to the pool
Oct 17 18:23:10 tmm tmm[628]: Rule coline : No match, forwarding to the pool
Oct 17 18:23:10 tmm tmm[628]: Rule coline : No match, forwarding to the pool
Oct 17 18:23:10 tmm tmm[628]: Rule coline : No match, forwarding to the pool
Oct 17 18:23:10 tmm tmm[628]: Rule coline : No match, forwarding to the pool
Oct 17 18:23:10 tmm tmm[628]: Rule coline : No match, forwarding to the pool
Oct 17 18:23:14 tmm tmm[628]: Rule coline : No match, forwarding to the pool
Oct 17 18:23:14 tmm tmm[628]: Rule coline : No match, forwarding to the pool
Oct 17 18:23:36 tmm tmm[628]: Rule coline : No match, forwarding to the pool
Oct 17 18:23:40 tmm tmm[628]: Rule coline : No match, forwarding to the pool
Oct 17 18:23:40 tmm tmm[628]: Rule coline : No match, forwarding to the pool - Right, I've seen this...it's the exact same section of the log you posted earlier. You also said, when you posted this, that you weren't experiencing the "freezing" you had a problem with before.
So, if the "freezing" isn't happening, then the rule isn't looping in the redirect. This means that it's forwarding you to the pool in question, but that pool is somehow forwarding you back to this rule.
I have two questions.
First, how is it getting to this section of the rule? If the URI matches, and the port the request is coming in on is 80...it should be redirected, but that's not happening. So which of these two isn't true? Does the URI match? Is the port 80?
Second, what does the pool configuration look like for "POOL_HTTP_Vlan70"? Why is it forwarding requests back to this rule?
-Colin - Mojdeh_Koushki_could you please explain to me how to direct it to browser ?
tahnks - Mojdeh_Koushki_the reason it di dnot freezz becouse i was by passing the iRule
the iRule which NOW i have as follows :
when HTTP_REQUEST {
set uri [string tolower [HTTP::uri]]
if { ($uri starts_with "/webnav") or ($uri starts_with "/webapp") } {
log local0. "URI matches, and Port matches, redirecting to HTTPS"
HTTP::redirect "https://[HTTP::host][HTTP::uri]"
} else {
log local0. "No match, forwarding to the pool"
}
pool POOL_HTTP_Vlan70
}
and resualt is :
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:01:17 tmm tmm[675]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
second question: yes the pool is : POOL_HTTP_Vlan70 - Of course this is causing an infinite loop as you are redirecting to the same condition. From your last log output (with the 80 port check), it looked like your rule was functioning as the https connection was being assigned to the pool. If you are requesting a page, it could cause many separate connections for different objects on the page which is probably why you are seeing so many connections to the https virtual.
If you add this log information at the beginning of the rule, it should tell you what's going on.log local0. "Host: [HTTP::host]" log local0. "uri: [HTTP::uri]" log local0. "local_port: [TCP::local_port]"
Odds are you are going to see different uri's going to port 443 which is what would be expected. If you are getting into a redirect from the https virtual to https again, then it's not the iRule that's doing it (that is, unless you keep omitting the 80 check on the TCP::local_port).
-Joe - Mojdeh_Koushki_so you want me to add those line to the first part of if statment and test it?
- Mojdeh_Koushki_i have this script :
when HTTP_REQUEST {
set uri [string tolower [HTTP::uri]]
if { ($uri starts_with "/webnav") or ($uri starts_with "/webapp") } {
log local0. "URI matches, and Port matches, redirecting to HTTPS"
HTTP::redirect "https://[HTTP::host][HTTP::uri]"
} else {
log local0. "No match, forwarding to the pool"
pool POOL_HTTP_Vlan70
}
}
and my resual is this :
Oct 17 19:46:20 tmm tmm[666]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:46:20 tmm tmm[666]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:46:20 tmm tmm[666]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:46:20 tmm tmm[666]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:46:20 tmm tmm[666]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:46:20 tmm tmm[666]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:46:20 tmm tmm[666]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:46:20 tmm tmm[666]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:46:20 tmm tmm[666]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:46:20 tmm tmm[666]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
how can i get raid of loop?
tahnks for HELP! - Mojdeh_Koushki_Joe
i have this :
when HTTP_REQUEST {
set uri [string tolower [HTTP::uri]]
if { ($uri starts_with "/webnav") or ($uri starts_with "/webapp") } {
log local0. "URI matches, and Port matches, redirecting to HTTPS"
log local0. "Host: [HTTP::host]"
log local0. "uri: [HTTP::uri]"
log local0. "local_port: [TCP::local_port]"
HTTP::redirect "https://[HTTP::host][HTTP::uri]"
} else {
log local0. "No match, forwarding to the pool"
pool POOL_HTTP_Vlan70
}
}
resualt is this:
Oct 17 19:50:42 tmm tmm[666]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:50:42 tmm tmm[666]: Rule coline : Host: stagemed.teri.org
Oct 17 19:50:42 tmm tmm[666]: Rule coline : uri: /webapp/index_teri.asp?qs_cplp_link=none&qs_association_link=TERI&qs_referrer_link=http://stagemed.teri.org/main.&qs_cplp_id=&qs_cplp_name=&qs_association_id=1&qs_association_name=TERI%20Loan%20Products&qs_origin_code=00&qs_start_page=/webapp/index_teri.asp&qs_end_page=CORP&qs_rtn_page=CORP&qs_conf_save_page=savedapp_confirm_teri.asp&qs_conf_subm_page=confirm_teri.asp&qs_discl_page=discl_teri.asp&qs_savedapp_option=True&qs_prefill_option=False&qs_schl_link=NONE&qs_3rd_pty_cd=TERIXX00
Oct 17 19:50:42 tmm tmm[666]: Rule coline : local_port: 443
Oct 17 19:50:42 tmm tmm[666]: Rule coline : URI matches, and Port matches, redirecting to HTTPS
Oct 17 19:50:42 tmm tmm[666]: Rule coline : Host: stagemed.teri.org
Oct 17 19:50:42 tmm tmm[666]: Rule coline : uri: /webapp/index_teri.asp?qs_cplp_link=none&qs_association_link=TERI&qs_referrer_link=http://stagemed.teri.org/main.&qs_cplp_id=&qs_cplp_name=&qs_association_id=1&qs_association_name=TERI%20Loan%20Products&qs_origin_code=00&qs_start_page=/webapp/index_teri.asp&qs_end_page=CORP&qs_rtn_page=CORP&qs_conf_save_page=savedapp_confirm_teri.asp&qs_conf_subm_page=confirm_teri.asp&qs_discl_page=discl_teri.asp&qs_savedapp_option=True&qs_prefill_option=False&qs_schl_link=NONE&qs_3rd_pty_cd=TERIXX00
Oct 17 19:50:42 tmm tmm[666]: Rule coline : local_port: 443 - Hi koushki-
I’m joining the thread late here. At this point, I believe Colin and the team have done everything they can to troubleshoot and resolve this issue in the forum. It looks like we’re very close.
As a valued customer, we want you to get the quickest, most comprehensive assistance possible to resolve this matter. With the information in this thread and some real-time assistance through our support organization, I’m confident we can help you get this resolved.
I am working with the appropriate folks in our support organization to contact you – and with DevCentral team assistance – work through this issue.
Thanks, and we’ll be in touch as quickly as possible with next steps to getting this resolved.
