Redirect iRule 4.2

Beuller? 0]

 

 

Any help would be appreciated. I'm not the biggest 4.2 user.

The syntax of the rule looks fine. You may want to change the 'matches_regex' to 'starts_with' if the URI you want to redirect always begins with /manager/protected.

 

 

Assuming you associated this rule with a VIP on port 80 (and not the proxy), it should indeed redirect to the proxy listening on 443.

 

 

If you use live http headers with FF or another client tool to record requests/responses, do you see the request to http://your_site/manager/protected, being answered with a 302 direct to https://your_site/manager/protected?

 

 

I think you should be able to get a much clearer idea of what is happening if you check the client request and node responses.

 

 

Aaron

for matches_regex to work would I have to have the full https://address.com/manager/protected ?

If you are performing a match against the URI as in the sample you provided, you would only want to specify the path and/or object name, not the protocol or host.

 

 

[protocol://subdomain.domain.tld/path/to/object.ext]

 

 

Like this:

 

 

if (http_uri matches_regex "/manager/protected") {

 

...

 

}

 

 

Not:

 

 

if (http_uri matches_regex "http://subdomain.domain.tld/manager/protected") {

 

...

 

}

 

 

However, you don't need to use matches_regex unless you need to use a regular expression for the comparison. I would imagine, using starts_with or contains should work fine with less overhead.

 

 

 

Are you still seeing the looping? If so, make sure you are using this general flow:

 

 

proxy [external IP address]:443 -> VIP [127.x.y.z]:80 -> pool

 

 

VIP: [external IP address]:80 -> rule to redirect to https

 

 

Beyond this, I would recommend working with Support, as the iRule looks fine.

 

 

Aaron

 

I'm looking through the config, and it's looking like proxy is definately the issue.

 

 

Thanks alot for your help. I may be back.