For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

U_franco_117956's avatar
U_franco_117956
Icon for Nimbostratus rankNimbostratus
Apr 01, 2014

Multiple redirect/respond invocations not allowed ¿¿??

Hi.   We are trying to configure/add the following irules in a vserver.   With the fist one irule we are looking for to limit concurrent user sessions using JSESSIONID cookie in our vserver. If c...
application delivery
design
devops
iRules
LTM
room
waiting
John_Alam_45640's avatar
John_Alam_45640
Historic F5 Account
Apr 02, 2014

I think that the HTTP::redirect is executed twice because the rate limit iRule section is probably added to the configuration first and, the HTTP::redirect is not terminating the HTTP_REQUEST event.

1) I would use event priorities so that the waiting room section is executed first. This ensures that if the URI is "waitingroom", no rate limiting takes place and therefore no redirect. The lower numbered priority are execute first. https://devcentral.f5.com/wiki/iRules.priority.ashx 

when HTTP_REQUEST priority 100 { waiting_room_section }  
when HTTP_REQUEST priority 200 { rate_limit_section }

2) Use a "return" or "event disable" immediately after the "HTTP::redirect".

BTW: check out this awesome iRule which is similar to what you are doing. https://devcentral.f5.com/articles/implementing-the-exponential-backoff-algorithm-to-thwart-dictionary-attacks.Uzv_0LRL-KI

HTH