For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

JackRodriguez's avatar
JackRodriguez
Icon for Nimbostratus rankNimbostratus
Apr 19, 2016

iRule to define pool names based on URI mapped to a value in a data group.

I have a need to configure a iRule that can take a portion of the URI and search a data group and then take the mapped value and use that in the creation of the pool name. I am not a coder and I thought this would be a fairly easy iRule to find an example but as it turned out, I could not find anything very close. I was able to "Frankenstein" a iRule together from multiple other iRule examples and I was finally able to get this working. The thing that I am most worried about however is the efficiency of my code and am I making the proper use of the "matchclass" and "class match". I took many of these examples from iRules that were written for V9 and V10 and I wonder if there is a more efficient/elegant way to write this iRule for what I am trying to accomplish. Thank you in advance.

 

when HTTP_REQUEST {
  if {[matchclass [string tolower [HTTP::path]] contains APP_DEV_uri_pool_map]} {
    set poolName "APP-BW-DEV-[class match -value [string tolower [HTTP::path]] contains APP_DEV_uri_pool_map]"
        pool $poolName
    if { $poolName equals "APP-BW-DEV-" } {
       log -noname local0.warn "uri-map-lookup-failed: from: [IP::remote_addr] for request: [HTTP::host] [HTTP::uri]"
     HTTP::respond 404 content {
  
  
  Not found
  
  Not found
  The requested page or resource was not found.
 
 }
}
}
}

Data Group

 

APP_DEV_uri_pool_map 


/pub_lead2lease := LEAD2LEASE-9001
/pub_omsorderservicev1 := OMS-ORDERS-9002
/pub_productservicev1 := OMS-PRODUCTS-9003
application delivery
data group
define pool name based on uri
iRules
LTM
matchclass
value lookup

1 Reply

  • cjunior's avatar
    cjunior
    Icon for Nacreous rankNacreous
    Apr 20, 2016

    Hi, according to documentation, "class match" is more performatic than "matchclass".

    https://devcentral.f5.com/wiki/irules.class.ashx

    I think you did a good job and I just made some changes which sounds better to me.

    when HTTP_REQUEST {
    set value [class match -value [string tolower [HTTP::path]] contains APP_DEV_uri_pool_map]
    if { $value ne "" } {
        pool APP-BW-DEV-$value
    } else {
        log local0. "uri-map-lookup-failed: from: [IP::remote_addr] for request: [HTTP::host] [HTTP::uri]"
        HTTP::respond 404 content {
            
            
            Not found
            Not found
            The requested page or resource was not found.
            
        }
    }
    unset value
}

    Maybe it should be improved with pool selection check.

    https://devcentral.f5.com/articles/irules-101-07-catch 
    when HTTP_REQUEST {
    set value [class match -value [string tolower [HTTP::path]] contains APP_DEV_uri_pool_map]
    if { $value ne "" } {
        if { [catch { pool APP-BW-DEV-$value }]  } {
            log local0.warn "uri-map-selection-failed: from: [IP::remote_addr] for request: [HTTP::host] [HTTP::uri] pool: APP-BW-DEV-$value"
            HTTP::respond 500 content {
                
                
                Internal Server Error
                Internal Server Error
                The server encountered an internal error or misconfiguration and was unable to complete your request.
                
            }
        }
    } else {
        log local0.notice "uri-map-lookup-failed: from: [IP::remote_addr] for request: [HTTP::host] [HTTP::uri]"
        HTTP::respond 404 content {
            
            
            Not found
            Not found
            The requested page or resource was not found.
            
        }
    }
    unset value
}

    Respectfully,