Forum Discussion

eraser3498_1311's avatar
eraser3498_1311
Icon for Nimbostratus rankNimbostratus
Feb 05, 2014

Port and URL redirection with SSL Client Side offloading

I have a couple different scenarios that I can't get irules to work for. First I have a url that I want to add port 82 to the standard rediection scripts aren't working. Would also like to hiding the port after the redirection takes place. I am also running the standard _sys_https_redirect irule to provide SSL offloading on the client side this maybe interfering but I don't think so because I have other ones setup that do work the only difference is it use port 80 rather than 82. Any ideas????

 

The second issue is very similar the only difference is I want to add /xyz on the the end of the url as well as the port

 

Any feedback would be appreciated thank you

 

application delivery
design
devops
iRules
performance

7 Replies

  • IheartF5_45022's avatar
    IheartF5_45022
    Icon for Nacreous rankNacreous
    Feb 06, 2014

    Here is a statement that incorporates some of the things you mention. I hope it helps. If you require further help you need to state your requirements clearly. 

    when HTTP_REQUEST {
    HTTP::respond 302 Location "http://[HTTP::host]:82/[HTTP::path]/xyz"
}

    When you say "I want to add port 82 to the standard rediection scripts aren't working. Would also like to hiding the port after the redirection takes place". If you issue an HTTP redirect then the redirected location WILL be present in the client browser - that cannot be hidden.

  • eraser3498_1311's avatar
    eraser3498_1311
    Icon for Nimbostratus rankNimbostratus
    Feb 06, 2014

    I keep getting a connection reset error when I run this rule. Do need to add the real host url into the staement as well or is the syntax as stated above?

     

  • IheartF5_45022's avatar
    IheartF5_45022
    Icon for Nacreous rankNacreous
    Feb 07, 2014

    The statement is syntactically correct, however you need to ensure that it is the last statement executed in an iRule (either by placing it at the bottom or by putting "return" after it), or else you will get a RST and a TCL error logged in /var/log/ltm.

     

    Whether or not it does what you actually want is another matter, as I didn't really understand what you actually wanted :-)

     

  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Feb 07, 2014

    i think you do not need slash (/) after port number (82).

    e.g.

    root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar
ltm virtual bar {
    destination 172.28.24.10:80
    ip-protocol tcp
    mask 255.255.255.255
    profiles {
        http { }
        tcp { }
    }
    rules {
        myrule
    }
    source 0.0.0.0/0
    vs-index 2
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule myrule
ltm rule myrule {
    when HTTP_REQUEST {
  HTTP::respond 302 Location "http://[HTTP::host]:82[HTTP::path]/xyz"
}
}

[root@ve11a:Active:In Sync] config  curl -I http://172.28.24.10/something
HTTP/1.0 302 Found
Location: http://172.28.24.10:82/something/xyz
Server: BigIP
Connection: Keep-Alive
Content-Length: 0