need irule help

Please feel free to revise.

 

 

virtual bar2-http {

 

snat automap

 

pool foo2

 

destination 172.28.17.120:http

 

ip protocol tcp

 

rules http-redirect

 

profiles {

 

http {}

 

tcp {}

 

}

 

}

 

virtual bar2-https {

 

snat automap

 

pool foo2

 

destination 172.28.17.120:https

 

ip protocol tcp

 

rules https-redirect

 

profiles {

 

clientssl {

 

clientside

 

}

 

http-profile {}

 

tcp {}

 

}

 

}

 

pool foo2 {

 

members 10.10.70.120:http {}

 

}

 

profile http http-profile {

 

defaults from http

 

redirect rewrite matching

 

}

 

rule http-redirect {

 

when HTTP_REQUEST {

 

if {[HTTP::uri] starts_with "/secure/"} {

 

HTTP::redirect "]"

 

}

 

}

 

}

 

rule https-redirect {

 

when HTTP_REQUEST {

 

if {not ([HTTP::uri] starts_with "/secure")} {

 

HTTP::redirect "]"

 

}

 

}

 

}

 

 

curl -I http://172.28.17.120/

 

HTTP/1.1 200 OK

 

Date: Thu, 11 Nov 2010 20:06:56 GMT

 

Server: Apache/2.0.59 (rPath)

 

Last-Modified: Thu, 11 Nov 2010 04:23:21 GMT

 

ETag: "1315d-5f-5580a040"

 

Accept-Ranges: bytes

 

Content-Length: 95

 

Content-Type: text/html; charset=UTF-8

 

curl -I http://172.28.17.120/secure/

 

HTTP/1.0 302 Found

 

Location: https://172.28.17.120/secure/

 

Server: BigIP

 

Connection: Keep-Alive

 

Content-Length: 0

 

curl -Ik https://172.28.17.120/

 

HTTP/1.0 302 Found

 

Location: http://172.28.17.120/

 

Server: BigIP

 

Connection: Keep-Alive

 

Content-Length: 0

 

curl -Ik https://172.28.17.120/secure/

 

HTTP/1.1 404 Not Found

 

Date: Thu, 11 Nov 2010 20:07:31 GMT

 

Server: Apache/2.0.59 (rPath)

 

Content-Type: text/html; charset=iso-8859-1

 

As a footnote: you can use HTTP classes to accomplish the same functionality. If you see a ton of these conditions coming up soon, it may be best to stick with an iRule. But if not, an HTTP class profile may be the way to go.

 

-Matt

Thanks alot for the help.

 

 

I want to create one irule which satisfy both the below conditions

 

 

1. http://abc.com/secure/* ----------it should redirect to https://abc.com./secure/* --works all fine. (Thanks for the help guys)

 

 

2. https://abc.com/* ---it should redirect to http://abc.com/*-- ( Still not working)

 

 

Can you please check my irule

 

 

when HTTP_REQUEST { if { [HTTP::uri] contains "secure"} {

 

HTTP::redirect "https://[HTTP::host][HTTP::uri]"

 

}

 

when HTTPS_REQUEST { if {not ([HTTPS::uri] starts_with "/secure")} {

 

HTTPS::redirect "http://[HTTP::host][HTTP::uri]"

 

}

 

 

Thanks for the help

i'm afraid that we don't have HTTPS_REQUESt event and HTTPS::uri as well.

 

 

btw, what virtual server port are u running? is it any port (*)??

You can use the same HTTP events and commands on an HTTPS VS by adding a client SSL profile to decrypt the SSL and parse the HTTP.

 

 

Aaron