Forum Discussion
Remco
Nimbostratus
NimbostratusRedirecting http request to external url via proxy
Hi,
we are using F5 load balancers for our Internet environment. There is now a requirement during customer login to download a trojan detection script at an external company. But for the cl...
nitass
Employee
Employeenot sure if it is what you are looking for. anyway, hope it is helpful.
[root@ve1023:Active] config b virtual bar list
virtual bar {
snat automap
pool foo
destination 172.28.65.152:https
ip protocol tcp
rules myrule
profiles {
clientssl {
clientside
}
http {}
serverssl {
serverside
}
tcp {}
}
}
[root@ve1023:Active] config b pool foo list
pool foo {
members 200.200.200.101:http {}
}
[root@ve1023:Active] config b rule myrule list
rule myrule {
when CLIENT_ACCEPTED {
SSL::disable serverside
}
when HTTP_REQUEST {
if {[HTTP::uri] equals "/test"} {
HTTP::uri "/"
SSL::enable serverside
virtual bar2
}
}
}
[root@ve1023:Active] config b virtual bar2 list
virtual bar2 {
snat automap
pool squid
destination 1.1.1.1:https
ip protocol tcp
rules myrule2
}
[root@ve1023:Active] config b pool squid list
pool squid {
members 192.168.12.105:squid {}
}
[root@ve1023:Active] config b rule myrule2 list
rule myrule2 {
when SERVER_CONNECTED {
set bypass 0
TCP::respond "CONNECT www.google.com:443 HTTP/1.0\r\n\r\n"
TCP::collect
}
when SERVER_DATA {
if { $bypass eq 1 } {
TCP::release
return
}
if { [TCP::payload] starts_with "HTTP/1.0 200" } {
TCP::payload replace 0 [TCP::payload length] ""
TCP::release
set bypass 1
} else {
TCP::close
}
}
}