1) we want to rewrite external url to internal server like https://page.something.com --> server.domain.local this works ok. SSL offloading here also.
config
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar
ltm virtual bar {
destination 172.28.24.10:443
ip-protocol tcp
mask 255.255.255.255
pool foo
profiles {
clientssl {
context clientside
}
http { }
tcp { }
}
rules {
qux
}
source 0.0.0.0/0
source-address-translation {
type automap
}
vs-index 70
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool foo
ltm pool foo {
members {
200.200.200.101:80 {
address 200.200.200.101
}
}
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm data-group internal location_map
ltm data-group internal location_map {
records {
http://shortname1/ {
data https://pagesomething.com/
}
http://shortname2/ {
data https://pagesomething.com/
}
}
type string
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux
ltm rule qux {
when HTTP_REQUEST {
if { [HTTP::host] equals "page.something.com" } {
HTTP::header replace Host "server.domain.local"
}
}
when HTTP_RESPONSE {
switch [HTTP::status] {
301 -
302 {
if { [class match -- [HTTP::header Location] starts_with location_map] } {
set mapl [class match -element [HTTP::header Location] starts_with location_map]
HTTP::header replace Location [string map $mapl [HTTP::header Location]]
}
}
}
}
}
request
1 10 1408801818.6717 (0.0007) C>SV3.1(192) application_data
---------------------------------------------------------------
GET / HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Accept: */*
Host: page.something.com
---------------------------------------------------------------
New TCP connection 2: 200.200.200.14(39311) - 200.200.200.101(80)
1408801818.6892 (0.0163) C>S
---------------------------------------------------------------
GET / HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Accept: */*
Host: server.domain.local
---------------------------------------------------------------
2) the server redirects to another location so the url sent back to client is something like: shortname/uri&somestaticinfo then againt to shortname2/uri&somesticinfo (which is not in dns)
Would it be correct to rewrite the http_response again with a datagroup of perhaps: shortname1 (80) -->
https://pagesomething.com/uri&someinfo. (443)
response
1408801840.1118 (0.0724) S>C
---------------------------------------------------------------
HTTP/1.1 302 Found
Date: Sat, 23 Aug 2014 13:37:55 GMT
Server: Apache/2.2.3 (CentOS)
Location: http://shortname1/uri&somestaticinfo
Content-Type: text/html; charset=iso-8859-1
---------------------------------------------------------------
1 11 1408801840.1125 (0.0752) S>CV3.1(224) application_data
---------------------------------------------------------------
HTTP/1.1 302 Found
Date: Sat, 23 Aug 2014 13:37:55 GMT
Server: Apache/2.2.3 (CentOS)
Location: https://pagesomething.com/uri&somestaticinfo
Content-Type: text/html; charset=iso-8859-1
---------------------------------------------------------------