For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Erik's avatar
Erik
Icon for Nimbostratus rankNimbostratus
Nov 24, 2016

Problem with HTTP::version

Hi all, I wondering why this does not working. The result from HTTP::version always be 0.9 or 1.0 or 1.1. If I use Fiddler and send HTTP 3.4 it still say 1.1 in my first log line. Using standard http profile.

I trying to do the LAB 6.1 in the irule 12.1 course.

Could this be a bug in HTTP::version? Running on LTM version 12.1.0.

Thanks,

when RULE_INIT {
  set sec_http_versions [list "0.9" "1.0" "1.1" ]
}
when HTTP_REQUEST {
  log local0. "Request from [IP::client_addr] using HTTP/ [HTTP::version]"
  if { ! [matchclass [HTTP::version] equals $::sec_http_versions ] } {
    log local0. "Invalid HTTP version used, from [IP::client_addr] using
HTTP/[HTTP::version]"
    reject
  }
}

 

application delivery
iRules

1 Reply

  • Kai_Wilke's avatar
    Kai_Wilke
    Icon for MVP rankMVP
    Nov 24, 2016

    Hi Svein,

    I can sucessfully repro the problem you're experiencing on TMOS v12.1.1 HF2. So you may open a support ticket to clarify the situation and/or make the F5 support aware of the problem. In the meantime you can use the syntax below to manually parse the HTTP version out of the [HTTP::request].

     

    set http_version [string range [lindex [getfield [HTTP::request] "\n" 1] 2] 5 end]

     

    Additional Note: The [matchclass] and $::your_datagroup syntax is deprecated since v10. I encourage you to migrate your code to become a [class] compliant syntax, to avoid performance degration, unexpected results and/or even TCL runtime errors.

    https://clouddocs.f5.com/api/irules/class.html 

    Cheers, Kai