Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Injeyan_Kostas's avatar
Injeyan_Kostas
Icon for MVP rankMVP
Jul 22, 2025

Re: iRule, Traffic Policy or Re-Write Policy

Hi sjy2025​ 

the best solution would be to config application use relative paths

for now you can try this irule, you will need to apply stream profile also

when CLIENT_ACCEPTED 
{
    STREAM::disable
    if {[class match [IP::client_addr] equals clients1] } 
    {
        pool POOL_1
    } 
    elseif {[class match [IP::client_addr] equals clients2] } 
    {
        pool POOL_2
    } elseif {[class match [IP::client_addr] equals clients3] }
    {
        pool POOL_3
    } elseif {[class match [IP::client_addr] equals clients4] } 
    {
        pool POOL_4
    } elseif {[class match [IP::client_addr] equals clients5] } 
    {
        pool POOL_5
    }
    else {
        pool POOL_6
    }
}


when HTTP_REQUEST 
{
    STREAM::disable
    HTTP::header remove "Accept-Encoding"
    set original_uri [HTTP::uri]
    HTTP::uri "/test${original_uri}"
}

when HTTP_RESPONSE 
{
    STREAM::disable
    if {[HTTP::header exists "Location"]} 
    {
        set loc [HTTP::header "Location"]
        if {[string match "https://examples.com*" $loc]} 
        {
            HTTP::header replace "Location" [string map {"https://examples.com" "https://example.com"} $loc]
        }
    }
    if {[HTTP::header "Content-Type"] contains "text"} 
    {
        STREAM::expression {@https://examples.com@https://example.com@}
        STREAM::enable
    }
}

 

No RepliesBe the first to reply