Forum Discussion
GFort_32452
Nimbostratus
NimbostratusNeed help writing irules
I am new to wriitng irules and was needing some help. I need to write an irule that will redirect the following
https://resetmypasswordqa/itim/self
https://resetmypasswordqa
http://resetmypasswordqa
http://resetmypasswordqa/itim/self
to URL https://resetmypasswordqa/itim/self/Login/Logon.do
Any help or ideas is greatly appreciated.
Thanks
Gary
What_Lies_Bene1Cirrostratus
Here you go;when HTTP_REQUEST { switch -glob [string tolower [HTTP::path]] { "/" { HTTP::redirect " https://resetmypasswordqa/itim/self/Login/Logon.do" } "/itim/self" { HTTP::redirect " https://resetmypasswordqa/itim/self/Login/Logon.do" } } }
Mohamed_LrhaziAltocumulus
Use HTTP Classes if you dont know iRules. They are iRules created for you by F5 engineering.
GFort_32452Thanks for writing the irule "What Lies Beneath". Everything in the script works using the https are redirected but the http does not redirect. The virutal server its applied to is only using 443 do I need to enable 80 on the virtual server for it to work using http? Sorry for all the questions the F5 is something I am just learning.
I figured it out created another VS using port 80 and applied the rule and everything works great. Thanks once again for the help and writing the irule
Thanks
Gary
nitassEmployee
do I need to enable 80 on the virtual server for it to work using http?yes
by the way, you may remove -glob in switch if it is exact match.
e.g.[root@ve10:Active] config b rule myrule list rule myrule { when HTTP_REQUEST { switch [string tolower [HTTP::path]] { "/" - "/itim/self" { HTTP::redirect "https://[HTTP::host]/itim/self/Login/Logon.do" } } } }- What_Lies_Bene1
You're very welcome, and thanks for the clean up Nitass.
- GFort_32452
Irule below worked great in redirecting
but it does not redirect for some reason.Also when they use without the full domain name (resetmypassword.domain.name) it gets a cert error, but when you click continue then redirects using the full domain name and the cert shows to be valid. I am not sure if anything could be done to crrect this since the irule really has not yet ran. The certificate https uses in on the F5 with the common name being resetmypassword.domain.name
when HTTP_REQUEST {
switch -glob [string tolower [HTTP::path]] {
"/" {
HTTP::redirect " https://resetmypassword.domain.name...n/Logon.do"
}
"/itim/self" {
HTTP::redirect " https://resetmypassword.domain.name...n/Logon.do"
}
}
}Any ideas or information is greatly appreciated.
Gary
- What_Lies_Bene1Surely users using http:// will hit a different Virtual Server running on port 80? In that case we can write a slighty different iRule.
There's not much you can do about the use of an incorrect domain name. - GFort_32452That is correct I have another virutal server using port 80 using the same IP address as the virutal server using 443. I applied the same Irule to both VS. Two of the http url redirect but the one does not.
Thanks
Gary - What_Lies_Bene1OK, so for the port 80 only Virtual Server iRule you should change it to this. I've ignored nitass's tidy up as I'm not sure how to add the third match in the way he's done the first two, he may be able to create a simpler rule;
when HTTP_REQUEST { switch -glob [string tolower [HTTP::path]] { "/" { HTTP::redirect " https://resetmypasswordqa/itim/self/Login/Logon.do" } "/itim/self" { HTTP::redirect " https://resetmypasswordqa/itim/self/Login/Logon.do" } "/resetmypassword/itim/self/Login/Logon.do " { HTTP::redirect " https://resetmypasswordqa/itim/self/Login/Logon.do" } } } - GFort_32452This is currently what the irule looks like, for some reason it acts like it does not read the " /resetmypassword/itim/self/Login/Logon.do" and do the redirect. The other lines seem to work fine. I have even tried "/itim/self/Login/Logon.do" and it still does not redirect. Just for testing I did a redirect to http://www.google.com and all of them redirected with the exception of }
"/resetmypassword/itim/self/Login/Logon.do" {
HTTP::redirect " https://resetmypassword.okdhs.int/itim/self/Login/Logon.do"
}
Below is the current configuration of the irule.
when HTTP_REQUEST {
switch -glob [string tolower [HTTP::path]] {
"/" {
HTTP::redirect " https://resetmypassword.okdhs.int/itim/self/Login/Logon.do"
}
"/itim/self" {
HTTP::redirect " https://resetmypassword.okdhs.int/itim/self/Login/Logon.do"
}
"/resetmypassword/itim/self/Login/Logon.do" {
HTTP::redirect " https://resetmypassword.okdhs.int/itim/self/Login/Logon.do"
}
}
}