Forum Discussion
prabhat_73172
Jan 17, 2011Nimbostratus
irule to read host from HTTP request and redirect
Hello,
I have BigIP LTM 10.0.1 system that sits in front of a http proxy gateway in the call path of incoming http requests in a ISP environment.
When customer access certain websites via proxy they experience errors. I'm trying to create an irule where it reads the host field on the http header and if it contains certain words (hotmail in this example), then it will direct the traffic via pool p1 (internet router) if not then via pool p2 (proxy gateway).
When I try to implement the irule I various errors. Below is the script.
Any assistance would be greatly appreciated.
when HTTP_REQUEST {
Specify current url
set host[HTTP::host]
Specify pools
set p1 "proxy_pool"
set p2 "internet_pool"
display current url and user agent in ltm log file
log "HOST = $host"
check if host has name that has issues going through proxy
switch -glob "$host" {
"*hotmail*" -
"*weather.com*" {
log "$host GOING TO Directly to $host -- 1.2"
pool $p2
} default {
log "$host GOING Through proxy-- 1.3"
pool $p1
}
}
end of switch
- Chris_MillerAltostratusYou can do this without setting any variables. That'll help performance a tiny bit.
when HTTP_REQUEST { log local0. "User requested Host [HTTP::host]" switch -glob [string tolower [HTTP::host]] { "*hotmail*" - "*weather.com*" { log local0. "[HTTP::host] going directly to [HTTP::host] -- 1.2" pool internet_pool } default { log local0. "[HTTP::host] going through proxy--1.3" pool proxy_pool } } }
- prabhat_73172NimbostratusThanks Chris for the quick response. That definitely didn't error out. We will run some tests to find if the traffic is being directed as intended.
- Chris_MillerAltostratusPosted By prabhat on 01/17/2011 12:38 PM
- prabhat_73172NimbostratusIts running at 10.0.1
- Chris_MillerAltostratusSomething like this would work fine:
when HTTP_REQUEST { log local0. "User requested Host [HTTP::host]" if { [class match [string tolower [HTTP::host]] contains excluded_hosts] } { log local0. "[HTTP::host] going directly to [HTTP::host] -- 1.2" pool internet_pool } else { log local0. "[HTTP::host] going through proxy--1.3" pool proxy_pool } }
- prabhat_73172NimbostratusThanks Chris. Greatly appreciate your help on this. We will give that a try and validate all works as expected.
- prabhat_73172NimbostratusNow the irule is working as expected but when the traffic gets routed directly to the internet_pool, it can't connect. There is only one member in that pool which is basically the firewall.
- Chris_MillerAltostratusSNATing it to the proxy's IP will likely cause issues when the response comes back to the firewall as the firewall will already have an arp entry for the proxy.
- prabhat_73172NimbostratusHi Chris,
- prabhat_73172NimbostratusNevermind Chris. So it appears that basically the LTM itself was not able to route the traffic to these hosts that were being sent directly to the internet.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects