Forum Discussion

El-Guapo_29797's avatar
El-Guapo_29797
Icon for Nimbostratus rankNimbostratus
Feb 01, 2014

*Redirect http to https for Internet clients but not private clients*

How to Redirect all clients from http to https for Internet clients but allow http to private client IP? Following is not working properly:

when CLIENT_ACCEPTED {  
   if { [IP::addr [IP::client_addr] equals 10.0.0.0/8] or  

      [IP::addr [IP::client_addr] equals 192.168.1.0/24]} { 

      set redirect 0 

   } else { 

      set redirect 1 

   } 
 } 
 when HTTP_REQUEST { 

 if {$redirect}{ 

      HTTP::redirect "https://[HTTP::host][HTTP::uri]" 

   }

}

application delivery
devops
http to https
irule
iRules
management
redirect
  • Mike_61663's avatar
    Mike_61663
    Icon for Cirrus rankCirrus
    Feb 03, 2014

    Maybe try adding the following logging entries to the HTTP_REQUEST section of your iRule to ensure that your source IP and redirect variable values are what you expect....

    log local0. "Client IP = [IP::client_addr]\n";
log local0. "redirect variable equals $redirect\n";

    Then from the cli do a "tail -f /var/log/ltm" to see the values.

  • Kevin_Stewart's avatar
    Kevin_Stewart
    Icon for Employee rankEmployee
    Feb 03, 2014

    I concur. You can also save yourself the trouble of a variable assignment by putting everything in one event:

    when HTTP_REQUEST {
    log local0. "incoming IP: [IP::client_addr]"
    if { ( [IP::addr [IP::client_addr] equals 10.0.0.0/8] ) or ( [IP::addr [IP::client_addr] equals 192.168.1.0/24] ) } {
        log local0. "local address - allowing"
        return
    } else {
        log local0. "remote address - redirecting"
        HTTP::redirect "https://[HTTP::host][HTTP::uri]"
    }
}