Forum Discussion
Looking for help with stream log
Hi everyone,
I have this follow iRule that works fine for stream some http content within https pages.
when HTTP_REQUEST {
STREAM::disable
HTTP::header remove "Accept-Encoding"
}
when HTTP_RESPONSE {
if { [HTTP::header exists Location] } {
HTTP::header replace Location [string map {"http://" "https://"} [HTTP::header Location]]
}
if { ([HTTP::header Content-Type] contains "text/css") or ([HTTP::header Content-Type] contains "text/json") or ([HTTP::header Content-Type] contains "text/html") or ([HTTP::header Content-Type] contains "text/webviewhtml") or ([HTTP::header Content-Type] contains ".htm") or ([HTTP::header Content-Type] contains ".html") or ([HTTP::header Content-Type] contains ".htt") or ([HTTP::header Content-Type] contains "stm") or ([HTTP::header Content-Type] contains ".xsl")} {
STREAM::expression [list {@http://www.domain.com@https://www.domain.com@} {@http://domain.com@https://domain.com@}{@http://wwws.domain.com@https://wwws.domain.com@}]
STREAM::enable
}
elseif { [HTTP::header value Content-Type] contains "image/svg+xml"} {
STREAM::disable
}
}
For now I need to log the HTTP occurrences that were replaced by https, I done this follow iRule:
when HTTP_REQUEST {
STREAM::disable
HTTP::header remove "Accept-Encoding"
}
when HTTP_RESPONSE {
if { [HTTP::header exists Location] } {
if { [HTTP::header Location] contains "http://" } {
set location_http [HTTP::header Location]
log local0. "Location with HTTP value found: $location_http"
HTTP::header replace Location [string map {"http://" "https://"} [HTTP::header Location]]
}
}
if { ([HTTP::header Content-Type] contains "text/css") or ([HTTP::header Content-Type] contains "text/json") or ([HTTP::header Content-Type] contains "text/html") or ([HTTP::header Content-Type] contains "text/webviewhtml") or ([HTTP::header Content-Type] contains ".htm") or ([HTTP::header Content-Type] contains ".html") or ([HTTP::header Content-Type] contains ".htt") or ([HTTP::header Content-Type] contains "stm") or ([HTTP::header Content-Type] contains ".xsl")} {
if { [HTTP::payload] contains "http://" } {
set http_payload [HTTP::payload]
log local0. "Payload with HTTP value found:: $http_payload"
STREAM::expression [list {@http://www.domain.com@https://www.domain.com@} {@http://domain.com@https://domain.com@}{@http://wwws.domain.com@https://wwws.domain.com@}]
STREAM::enable
log local0. "Payload HTTP after streamed: [HTTP::payload]"
}
}
elseif { [HTTP::header value Content-Type] contains "image/svg+xml"} {
STREAM::disable
}
}
But I understand that maybe this code can be improved, any ideas on what I can change on it?
Thanks!
1 Reply
Hi escman ,
What about using stats profile and STATS::incr Function in your irule Code.
The steps in the following article in Kevin_Stewart answer :
https://community.f5.com/t5/technical-forum/count-data-that-match-with-event/td-p/271114
and this is STATS::incr documentation :
https://clouddocs.f5.com/api/irules/STATS__incr.html
I hope this helps you 🙂
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com