Forum Discussion
enlowb_27270
Nimbostratus
NimbostratusNeed help with irule conversion 4x to 9x
I have a version 4.x irule and was wondering if someone could help convert it to version 9x. Thanks in advance...
Version 4.x irule below:
if (server_addr == one of snat_to_me and client_addr == one of snat_from_me) {
use snatpool trans_addr
use pool single_sign_on_pool
}
else {
use pool single_sign_on_pool
}
- The_BhattmanYou could set the default pool on the LTM GUI to single_sign_on_pool and then add the following untested iRule
when CLIENT_ACCEPTED { if { ( [IP::addr [IP::server_addr] equals 192.168.1.100] ) and ( [IP::addr [IP::client_addr] equals 192.168.2.100] } { snatpool trans_addr } }
Hope this helps
CB 
enlowb_27270snat_to_me = 172.27.17.50 but snat_from_me = 172.27.18.101, 172.27.18.102, 172.27.18.111 and 172.27.18.112. I am not sure but I think I need to use classes in order to do this... Thanks though...- The_BhattmanIf you have multiple addresses then you can use matchclasses
It would look something like thiswhen CLIENT_ACCEPTED { if { ( [matchclass [IP::server_addr] equals $::Servers] ) and ( [matchclass [IP::client_addr] equals $::Clients] } { snatpool trans_addr } }
This is where $::Servers and $::Clients would contain a list of IP addresses in their defined classes. - enlowb_27270So when I try to add the irule I get:
01070151:3: Rule [test] error:
line 1: [parse error: PARSE syntax 90 {syntax error in expression " ( [matchclass [IP::server_addr] equals $::Servers] ) and ( ...": looking for close parenthesis}] [{ ( [matchclass [IP::server_addr] equals $::Servers] ) and ( [matchclass [IP::client_addr] equals $::Clients] }]
I have tried it a few different ways and still get the parse error. Also, to clarify Servers refers to a data group list named Servers with IP addresses of servers and Clients refers to a data group list named Clients with IP addresses of clients. Thanks for the help... - The_BhattmanIt was missing a parethesis
when CLIENT_ACCEPTED { if { ([matchclass [IP::server_addr] equals $::Servers]) &&( [matchclass [IP::client_addr] equals $::Clients] )} { } } - enlowb_27270Thanks a bunch.. I think I got it now... I do have a question pertaining to the irule I posted. What does use snatpool trans_addr do? I do not have a snatpool called tran_addr on the 4.x box. Could this be the 4.x default or auto snat pool or is it just a config error? Thanks again for all the help...
- enlowb_27270I have version 4.x below:
if (client_addr == 172.27.16.0 netmask 255.255.255.0) {
use pool PS_Portal}
else {
redirect to "https://%h/%u"
}
Need help converting it to 9.x. I tried to do it see below but it doesn’t work... Any help would be appreciated... It just says if you are in the 172.27.16.0/24 network use pool PS_Portal anyone elce redirect to https same host same uri. Thanks in advance..
Version 9x below that doesnt work:
when CLIENT_ACCEPTED {
if { [IP::addr [IP::client_addr] equals 172.27.16.0/24] } {
pool PS_Portal }
else { HTTP::redirect "https://[HTTP::host][HTTP::uri]" }
}
