Forum Discussion

Cindy_127211
May 17, 2006

Passing 'default pool' to rule

I have a default pool defined in a virtual server. The virtual server also has a rule that uses the default pool name. Right now, this pool name is hard coded. Is there any way to make a rule that uses the default pool name (from the virtual server) as a variable?

  • Following is an example rule:

    rule SSLV2_Encrypt_ACS_sbox {
      when HTTP_REQUEST {
        HTTP::header insert "Custom" "amc:443"
        if { ![matchclass [SSL::cipher version] equals $::CipherVersion] and [SSL::cipher bits] > 127 } {
          use pool acs80sbox
        } elseif { [HTTP::uri] starts_with "/encryptcode/" } {
          pool acs80sbox
        } else {
          HTTP::redirect https://[HTTP::host]/encryptcode/encryption_notice.jsp
        }
      }
    }

    Following is the virtual server that accesses this particular rule:

    virtual vs_www_sbox_americancentury_com_PROXY {
      destination 10.173.251.200:443
      fallback persist SIMPLE_1920_ACS_DEFAULTS
      ip protocol tcp
      profile CLIENTSSL_www_sbox_americancentury_com HTTP_PROXY_ACS_DEFAULTS tcp
      persist COOKIE_EXT_ACS_DEFAULTS
      pool acs80sbox
      rule SSLV2_Encrypt_ACS_sbox
    }

    There are several virtual servers that use the same rule. The only difference is that the pool name changes for each virtual server. So, I have one copy of the rule for each virtual server, since the pool name changes for each virtual server. How can I change the rule and/or the virtual server so I have only one rule for each virtual server?
  • You can create a DataGroup (class) which looks like:

    class Pools  {
       "vs_www_sbox_americancentury_com_PROXY acs80sbox"
       "virtual_server2 pool2"
       ...
    }

    Your iRule will then look like

    rule SSLV2_Encrypt_ACS_sbox {
      when HTTP_REQUEST {
        set mypool [findclass [virtual name] $::Pools " "]
        HTTP::header insert "Custom" "amc:443"
        if { ![matchclass [SSL::cipher version] equals $::CipherVersion] and [SSL::cipher bits] > 127 } {
          use pool $mypool
        } elseif { [HTTP::uri] starts_with "/encryptcode/" } {
          pool $mypool
        } else {
          HTTP::redirect https://[HTTP::host]/encryptcode/encryption_notice.jsp
        }
      }
    }

  • Wow! This worked great! Thank you so much for your quick reply. You have no idea how much time this will save me!
  • You're welcome. By the way, I had a typo in my earlier post so I had to edit it a bit.
  • Hi, I was just curious....I looked through your posting and believe that I typed it 'as is' and it worked just fine. What was the typo...in case I'm missing something that will come back up later?
  • You might have seen my reply after I fixed the typo. I had the code written as

        } elseif { [HTTP::uri] starts_with "/encryptcode/" } {
          pool $mypool }
        else {

    when it should have been written as

        } elseif { [HTTP::uri] starts_with "/encryptcode/" } {
          pool $mypool
        } else {
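
The data-group lookup from the answer earlier in the thread, with a guard for a virtual server that has no entry in `Pools`. This is an added example, not code from any of the thread's participants. It assumes the BIG-IP version in use supports `LB::server pool`; the rule name `SSLV2_Encrypt_ACS_shared`, the variable `default_pool` and the log text are hypothetical.

```tcl
# Hypothetical shared rule name; attach the same rule to every virtual server.
rule SSLV2_Encrypt_ACS_shared {
  when CLIENT_ACCEPTED {
    # Assumption: LB::server pool is available. Before any pool command has
    # run on this connection it returns the virtual server's default pool.
    set default_pool [LB::server pool]
  }
  when HTTP_REQUEST {
    # Look up this virtual server in the Pools class ("<virtual> <pool>").
    set mypool [findclass [virtual name] $::Pools " "]
    if { $mypool eq "" } {
      # No class entry: log it and fall back to the default pool instead of
      # calling pool with an empty name, which would abort the rule.
      log local0. "No Pools entry for [virtual name], using $default_pool"
      set mypool $default_pool
    }
    HTTP::header insert "Custom" "amc:443"
    if { ![matchclass [SSL::cipher version] equals $::CipherVersion] and [SSL::cipher bits] > 127 } {
      pool $mypool
    } elseif { [HTTP::uri] starts_with "/encryptcode/" } {
      pool $mypool
    } else {
      # Weak or disallowed cipher: send the client to the notice page.
      HTTP::redirect https://[HTTP::host]/encryptcode/encryption_notice.jsp
    }
  }
}
```

The log line makes a missing `Pools` entry visible in `/var/log/ltm`, so a newly added virtual server that was never registered in the class shows up during testing rather than as reset connections.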