Forum Discussion

Nimbostratus

Feb 15, 2021

iRules change HTTP::Payload when talking to the backend servers

I need to make some changes using the iRules to the request payload then need to pass the original request to the backend server, is there a compatible event with HTTP::Payload command that can pass ...

Noctilucent

Feb 15, 2021

Yes its doable, use HTTP_REQUEST_DATA event to make your manipulation on the payload.

Refer the below article.

https://clouddocs.f5.com/api/irules/HTTP_REQUEST_DATA.html

HazemFouda
Nimbostratus
Feb 17, 2021
I want to manipulate the payload then pass F5 the manipulated one but the backend server will receive the original payload can you help me, please ?
- Daniel_Wolf
  MVP
  Feb 17, 2021
  Can you elaborate what you are trying to achieve by manipulating the payload twice? Maybe there is another way to get to your goal.
  
  I don't say it is nonsense, but I think it would help to know the use-case.
- HazemFouda
  Nimbostratus
  Feb 18, 2021
  I need to change the original request to some format that WAF can understand and apply its security check against then if the request is good, I need the WAF to pass the original request to the server as the server only understands the original request sent by the client
- Daniel_Wolf
  MVP
  Feb 18, 2021
  Maybe you can try a layered virtual. I am not a big fan of using layered virtuals since they add an extra layer of complexity when troubleshooting.
  
  Traffic would flow like this:
  vIP_1 >> iRule manipulates payload >> passes ASM >> vIP_2 >> iRule manipulates payload back >> backend server
  
  Here are some steps for guidance.
  K13315545: Configuring a BIG-IP ASM virtual server to protect a BIG-IP APM login page with brute force prevention
  In this approach you can also combine iRules and LTM Traffic Policies.