Forum Discussion

Altostratus

Feb 25, 2010

LTM for URL/URI Filtering only (Very Urgent)

Dear All, For URL filtering, please find attached customer's test case I have created where I want to use LTM non-inline and will send the Youtube traffic of 95 Mbps on LTM using PBR. ...

config

design

hoolio

Cirrostratus

Feb 26, 2010

Conceptually, this seems possible to do with an iRule as long as the core router knows to route the requests but not the responses to LTM. Have you tried testing it? You'd need to configure a standard 0.0.0.0/0.0.0.0 port 80 VIP with an HTTP profile in order to use the iRule on all requests. Also, you might want to set the host to lower case before checking it in the datagroup:

if {[matchclass [string tolower [HTTP::host]] equals PTA_Blocked_list]}{

You'd potentially need to handle IP addresses as well--else clients could use the IP and bypass the filtering.

If you want to do the same validation for HTTPS traffic, you'd need a cert which the browsers accept for all external sites. You could add that to another 0.0.0.0/0.0.0.0 port 443 VIP with a client and server SSL profile added.

Aaron

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)