Forum Discussion
Christopher_131
Nimbostratus
Sep 15, 2008
Port forward SSH and leave regular http
I'm going insane trying to get rid of several virtual servers in favour of one iRule.
Firstly, I have a lot of servers/ports to direct to when there's an HTTP_REQUEST.
I have a "...
hoolio
Cirrostratus
Sep 15, 2008
Using one VIP makes for less configuration, but it also leaves you with fewer and more complicated options if you want to manipulate the traffic. That said, this should be pretty simple to do. If you want to add an HTTP-based event to a rule, you need to use an HTTP profile on the VIP. If you have non-HTTP traffic going through the VIP, you'd want to disable the profile for it. It looks like you can determine whether it's an HTTP request or not based on the port the client makes the request to. So something like this should work:
when CLIENT_ACCEPTED {
    log local0. "[IP::client_addr]:[TCP::client_port]: new TCP connection to [IP::local_addr]:[TCP::local_port]"
    # Check the port the client requested
    switch [TCP::local_port] {
        "2500" {
            # Client request is SSH, use SSH node
            log local0. "[IP::client_addr]:[TCP::client_port]: SSH request. Using node and disabling HTTP"
            node 172.16.1.33 22
            # Disable HTTP profile
            HTTP::disable
        }
        "80" {
            # Client request is HTTP, do nothing
            log local0. "[IP::client_addr]:[TCP::client_port]: HTTP request"
        }
        default {
            # Client request is to an undefined port, so drop the packets
            log local0. "[IP::client_addr]:[TCP::client_port]: undefined port. Dropping"
            drop
        }
    }
}
when HTTP_REQUEST {
    # This event will only be triggered if the HTTP profile is enabled
    # and the HTTP headers are parsed
    log local0. "[IP::client_addr]:[TCP::client_port]: new HTTP request to [HTTP::host][HTTP::uri]"
}
Aaron
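The rule in the reply above logs every decision it makes, but its drop message does not say which port was requested. As an added example (not from either poster and not F5 code), this Python script reads those log messages, pairs each drop with the preceding "new TCP connection" line for the same client socket, and reports clients that repeatedly hit the default branch. The syslog prefix, rule name and addresses in the sample lines are constructed assumptions.

```python
import re
from collections import Counter, defaultdict

# Message part written by the rule's log statements: "<ip>:<port>: <text>"
EVENT = re.compile(r"(\d{1,3}(?:\.\d{1,3}){3}):(\d+): (.+)$")
CONNECT = re.compile(r"new TCP connection to \S+:(\d+)$")

def summarize(lines, drop_threshold=3):
    """Count the rule's decisions per client and recover the ports it dropped."""
    decisions = defaultdict(Counter)  # client IP -> ssh/http/dropped counts
    local_port = {}                   # (client IP, client port) -> VIP port
    dropped_ports = defaultdict(set)  # client IP -> VIP ports that were dropped
    for line in lines:
        m = EVENT.search(line)
        if not m:
            continue
        ip, cport, msg = m.groups()
        conn = CONNECT.match(msg)
        if conn:
            # The drop message carries no port, so remember it from this line.
            local_port[(ip, cport)] = int(conn.group(1))
            continue
        port = local_port.pop((ip, cport), None)
        if msg.startswith("SSH request"):
            decisions[ip]["ssh"] += 1
        elif msg == "HTTP request":
            decisions[ip]["http"] += 1
        elif msg.startswith("undefined port"):
            decisions[ip]["dropped"] += 1
            if port is not None:
                dropped_ports[ip].add(port)
    noisy = sorted(ip for ip, c in decisions.items() if c["dropped"] >= drop_threshold)
    return decisions, dropped_ports, noisy

# Constructed sample: syslog prefix, rule name and addresses are assumptions.
PREFIX = "Sep 15 10:00:01 bigip1 info tmm[1234]: Rule example_rule <CLIENT_ACCEPTED>: "
EVENTS = [("198.51.100.7:40001", 23, "undefined port. Dropping"),
          ("198.51.100.7:40002", 3389, "undefined port. Dropping"),
          ("198.51.100.7:40003", 445, "undefined port. Dropping"),
          ("192.0.2.20:51000", 80, "HTTP request"),
          ("192.0.2.30:52000", 2500, "SSH request. Using node and disabling HTTP")]
SAMPLE = []
for client, vip_port, decision in EVENTS:
    SAMPLE.append(f"{PREFIX}{client}: new TCP connection to 203.0.113.10:{vip_port}")
    SAMPLE.append(f"{PREFIX}{client}: {decision}")

if __name__ == "__main__":
    decisions, dropped_ports, noisy = summarize(SAMPLE)
    for ip in noisy:
        print(ip, dict(decisions[ip]), sorted(dropped_ports[ip]))
```
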
