Forum Discussion

lalrupchandani9's avatar
lalrupchandani9
Icon for Altostratus rankAltostratus
Apr 15, 2022

Need help with URL re-write without a redirect

I have virtual server on F5 with an iRule and want to add a condition for a new re-write. I have to re-write complete URL without redirecting or changing the URL in client's browser. Tested the below but client browsers keeps getting a reset. Below is my existing iRule and the syntax i have tried for re-write. Also attached few logs which show that traffic is matching the condition and re-writing the URL but fails.

Browser URL: "abc.domain.com/uri/path"

Backend URL: "abc4.domain4.com/file.html"   

when HTTP_REQUEST {
set doStream 0
switch [HTTP::host] {
"abc.domain.com" {
if {[HTTP::path] contains "/abc/abc" && [HTTP::query] contains "location="} {
HTTP::respond 301 "Location" "https://[HTTP::host]/abc/[string tolower [findstr [HTTP::query] "location=" 9]]"
pool xyz_pool
} elseif {[string tolower [HTTP::host]] starts_with "abc.domain.com" && [HTTP::path] eq "/uri/path"}
{ HTTP::header replace Host "abc4.domain4.com"
HTTP::uri "/file.html"
set doStream 4
log local0. "[HTTP::host][HTTP::uri] Changed rewrite"
pool test-pool
} elseif {[class match [HTTP::path] equals "url_redirect_list"]} {
set newURL [class match -value -- [HTTP::uri] equals "url_redirect_list"]
log local0. "NEW Redirect URI is [HTTP::uri]"
HTTP::respond 301 "Location" $newURL
} elseif {[class match [HTTP::path] equals "url_explicit_list"]} {
log local0. "[HTTP::path]: Explicit URL path goes to [LB::server] with cookie value [HTTP::cookie value "cookie"]"
HTTP::header replace Host "abc1.domain.com"
set doStream 1
log local0. "[IP::client_addr]:[TCP::client_port]: [LB::server] Request with persistence cookie [HTTP::cookie value "cookie"] to [HTTP::uri]"
pool explicit_pool
} elseif {[class match [HTTP::path] starts_with "url_wildcard_list"]} {
log local0. "[HTTP::path]: Wildcard URL path goes to [LB::server]"
HTTP::header replace Host "abc1.domain.com"
set doStream 1
#log local0. "[HTTP::path]: Wildcard URL path goes to [LB::server]"
}
elseif { [string tolower [HTTP::uri]] ne "/autodiscover" } {
log local0. "[IP::client_addr]:[TCP::client_port]: [LB::server] Request with persistence cookie [HTTP::cookie value "cookie"] to [HTTP::uri]"
pool backend_pool
persist cookie insert "cookie"
} else {
drop
}
}
}
}

when HTTP_RESPONSE {
switch $doStream {
0 {
return
}
1 {
STREAM::expression {@http://abc1.domain.com@https://abc.domain.com@}
STREAM::enable
}
4 {
STREAM::expression {@https://abc4.domain4.com/file.html@https://abc.domain.com/uri/path@}
STREAM::enable
}
}
}

/var/log/ltm.1:Apr 14 13:44:55 info tmm1[17567]: Rule /Common/POOL_SELECTION_IRULE <HTTP_REQUEST>: abc4.domain4.com/file.html Changed rewrite
/var/log/ltm.1:Apr 14 13:44:55 info tmm[17567]: Rule /Common/POOL_SELECTION_IRULE <HTTP_REQUEST>: abc4.domain4.com/file.html Changed rewrite
/var/log/ltm.1:Apr 14 13:45:04 info tmm[17567]: Rule /Common/POOL_SELECTION_IRULE <HTTP_REQUEST>: abc4.domain4.com/file.html Changed rewrite
/var/log/ltm.1:Apr 14 13:45:05 info tmm1[17567]: Rule /Common/POOL_SELECTION_IRULE <HTTP_REQUEST>: abc4.domain4.com/file.html Changed rewrite
/var/log/ltm.1:Apr 14 13:45:05 info tmm[17567]: Rule /Common/POOL_SELECTION_IRULE <HTTP_REQUEST>: abc4.domain4.com/file.html Changed rewrite
/var/log/ltm.1:Apr 14 13:50:05 info tmm[17567]: Rule /Common/POOL_SELECTION_IRULE <HTTP_REQUEST>: abc4.domain4.com/file.html Changed rewrite
/var/log/ltm.1:Apr 14 14:00:06 info tmm[17567]: Rule /Common/POOL_SELECTION_IRULE <HTTP_REQUEST>: abc4.domain4.com/file.html Changed rewrite
/var/log/ltm.1:Apr 14 15:42:37 info tmm1[17567]: Rule /Common/POOL_SELECTION_IRULE <HTTP_REQUEST>: abc4.domain4.com/file.html Changed rewrite

Any help is appreciated. 

 

Thanks

  • you would need to work with the application team to find out which URL's are returning 404 and reason for it. Modify your iRule accordingly to resolve it

  • you would need to work with the application team to find out which URL's are returning 404 and reason for it. Modify your iRule accordingly to resolve it

  • It appears the rewrite is working as expected. Few suggestions, you don't need check for the HOST header again so can modify it as below.

     

    } elseif {[string tolower [HTTP::uri]] eq "/uri/path"}
    { HTTP::header replace Host "abc4.domain4.com"
    HTTP::uri "/file.html"
    set doStream 4
    log local0. "[HTTP::host][HTTP::uri] Changed rewrite"

     

    Also, in the response modify as below

     

    STREAM::expression {@https://abc4.domain4.com@https://abc.domain.com@}
    STREAM::enable

     

    Make sure your pool (test-pool) is up. Take a tcpdump capture and see the traffic and reason for the RST. Plase ask to check the logs from the server end as well. 

    • lalrupchandani9's avatar
      lalrupchandani9
      Icon for Altostratus rankAltostratus

      Hi Sanjay,

      Thanks for your reply and it helped. Reset issue is resolved after bringing the pool members up using health monitor. Earlier there was no health monitor configured and members were in unknown state. 

      Now when I enter the original URL, it serves me the right content but URL in the browser also changes to https://abc4.domain4.com/file.html instead of keeping the orignal one:  "https://abc4.domain4.com/uri/path"

      Another observation is that using pool members with https/443 gives the reset while using http/80 serves the content but as a redirect as mentioned above. 

      Regards,

      • spalande's avatar
        spalande
        Icon for Nacreous rankNacreous

        This you would need to run tcpdump and check for the issue and also work with application team. There could be many causes for this like application is not configured to use TLS, TLS handshake is failing between BIGIP and the server etc. 

  • Hi,

    I have made some progress and it turned out that endpoint was enforcing HTTPS and sending a redirect response. Hence client was receiving a redirect over https which changed the URL. After disabling https redirection, endpoint is serving content over http to F5 and re-write is working.

    Now, the webpage is loading without changing the original URL in the browser but majority of the content is getting error code 404 not found.

    I think this is probably because the https request header is using "abc.domain.com" for all the content instead of "abc4.domain4.com" and these URI doesn't match the condition for re-writing the hostname. Is there a way F5 can serve all content using "abc.domain.com" for this particular re-write or do we need to add all the content URIs for re-write??

  • Thanks Sanjay for all the help on this issue. I will get all headers and rewrite them accordingly.