Forum Discussion
kk1
Nimbostratus
NimbostratusiRules how can I get to custom error message?
Hi guys,
Please can you help with an issue I have.
We have a website that has certification, there is a requirement to SSL enable the communication to our website.
On BIG-IP LTM, we neet to limit a request up to 10 connections, if so, we want to response a custom error code "ErrCode=E91099991" .
However, because of not using SSL termination, we got a error message on iRules window below,
HTTP_REQUEST event in rule (/Common/rule.SITE) requires an associated HTTP or FASTHTTP profile on the virtual server (/Common/vs.SITE.HTTPS)
************************************************
when RULE_INIT {
set ::active_connections_site 0
set ::html_content "ErrCode=E91099991"
}
when CLIENT_ACCEPTED {
set site_over_limit 0
set ::site_maxConnection [class get SITE_MAX_TCP_CONNECTION]
if { $::active_connections_site <= [lindex $::site_maxConnection 0] } {
incr ::active_connections_site 1
} else {
set site_over_limit 1
}
}
when HTTP_REQUEST {
if { $site_over_limit }{
HTTP::respond 200 content $::html_content
TCP::close
}
}
when CLIENT_CLOSED {
if { ($site_over_limit == 0) and ($::active_connections_site > 0) } {
incr ::active_connections_site -1
}
}
************************************************
SITE_MAX_TCP_CONNECTION = 10
How can I response a custom error code?
Any help greatly appreciated.
cheers,
Lio,
Firstly, you should not be using global variables, these are prefixed with the double colon. These cause a CMP demotion
https://support.f5.com/csp/article/K13033
# do not set variables in the global namespace set ::foo bar # set in the local scope set foo barAdditionally I would be cautious setting variables in RULE_INIT as they will only be initialised when TTM or the iRule is reloaded. As you've used global variables, $::active_connections_site will only reset to 0 under these two conditions.
The error message you received is because you are using the event HTTP_REQUEST and attempting to use an HTTP response without an HTTP profile assigned to the virtual server . You will also need to add an client-ssl profile to the virtual server if this is using port TCP/443
Lee
Lee_SutcliffeNacreous
Firstly, you should not be using global variables, these are prefixed with the double colon. These cause a CMP demotion
https://support.f5.com/csp/article/K13033
# do not set variables in the global namespace set ::foo bar # set in the local scope set foo barAdditionally I would be cautious setting variables in RULE_INIT as they will only be initialised when TTM or the iRule is reloaded. As you've used global variables, $::active_connections_site will only reset to 0 under these two conditions.
The error message you received is because you are using the event HTTP_REQUEST and attempting to use an HTTP response without an HTTP profile assigned to the virtual server . You will also need to add an client-ssl profile to the virtual server if this is using port TCP/443
Lee