Forum Discussion
juniorexus_1332
Nimbostratus
NimbostratusiRule to take host information from absoluteURI and re-write the host header
Hi all,
We have a VIP which is being accessed by clients externally via different proxies. We noticed that some of those proxies manipulate the host header of the HTTP request and re-write it wi...
nitass
Employee
Employeee.g.
// config
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar
ltm virtual bar {
destination 172.28.24.10:80
ip-protocol tcp
mask 255.255.255.255
pool foo
profiles {
http { }
tcp { }
}
rules {
qux
}
source 0.0.0.0/0
source-address-translation {
type automap
}
vs-index 60
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool foo
ltm pool foo {
members {
200.200.200.101:80 {
address 200.200.200.101
}
}
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux
ltm rule qux {
when HTTP_REQUEST {
set host_in_uri [getfield [HTTP::uri] / 3]
if { [HTTP::host] ne $host_in_uri } {
HTTP::header replace Host $host_in_uri
}
}
}
// test
[root@ve11a:Active:In Sync] config ssldump -Aed -nni 0.0 port 80
New TCP connection 1: 172.28.24.1(53936) <-> 172.28.24.10(80)
1407713054.1000 (0.0019) C>S
---------------------------------------------------------------
GET https://client1.test.com/path/query?test=A HTTP/1.1
Host: proxy.domain.net
X-Forwarder-host: proxy.domain.net
---------------------------------------------------------------
1 1407713054.1000 (0.0000) C>S TCP FIN
New TCP connection 2: 200.200.200.14(53936) <-> 200.200.200.101(80)
1407713054.2039 (0.1035) C>S
---------------------------------------------------------------
GET https://client1.test.com/path/query?test=A HTTP/1.1
Host: client1.test.com
X-Forwarder-host: proxy.domain.net
---------------------------------------------------------------
