Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

LBadinger_33194's avatar
LBadinger_33194
Icon for Nimbostratus rankNimbostratus
Feb 21, 2018

iRule Switch Statement default pool

Trying to understand how this irule should behave when it hits the "default' option on the "switch" statement. When the "pool $default_pool" is called what is the behaviour of the pool statements th...
application delivery
irules
LTM
rob_carr's avatar
rob_carr
Icon for Cirrocumulus rankCirrocumulus
Feb 21, 2018

You have some syntax problems with your iRule, namely unbalanced closing braces and an empty else statement. I've fixed those below.

when CLIENT_ACCEPTED {
  set default_pool prod_default3_pool
  set inbound_temp_pool prod_temp3_pool
}

when HTTP_REQUEST {
  switch -glob [string tolower [HTTP::uri]] {
    "/foo*" {
      drop
    }
    "/bar*" {
      pool bar_pool
      persist cookie insert "barsession"  "1d 00:00:00"
    }
    default {
      pool $default_pool
      if { [HTTP::cookie exists "TEMP"] } {
        pool $inbound_temp_pool
      }
    }
  }  
}

In a switch statement, the 'default' option handles anything that haven't matched one of the configured comparisons. In your rule, that means any request with a URI not beginning with /foo or /bar will fall to the default case and end up assigned to the pool specified by $default_pool...except when the request contains the HTTP cookie "TEMP", in which case, the connection is assigned to the pool specified by $inbound_temp_pool.

As written, your rule is setting the variables default_pool and inbound_temp_pool on each new connection, which is probably not needed. You might want to move that variable assignment out to the RULE_INIT event, or even get rid of the assignment entirely and directly name the pools.