Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

jkstraw_44238's avatar
jkstraw_44238
Icon for Nimbostratus rankNimbostratus
Jun 18, 2008

regex in iRules

Hello, Please be patient with me - I am not the iRule guy on our team 🙂 We are using iRules primarily for redirecting URI's to specific pools - we do this with something similar to:...
application delivery
dev
devops
irules
Joe_Pruitt's avatar
Joe_Pruitt
Jun 18, 2008
The answer to your question is yes, you can use regex's when needed. This can be done with the regexp command or the -regex option for switch. But, with that being said, I would highly suggest trying to find alternate ways to do things like this without full blown regular expressions.

Your example of allowing "/site1*" but not "//site1*" is actually what your iRule above is doing. You are specifying to start a string with "/site1" and allow anything after that initial string. Since "//site1*" doesn't start with "/site1" then it will not pass through. Am I missing something here?

The -glob option in the switch command, as well as the "string match" command are great options for using a wildcard or range of characters without the need for the full blown regex engine.

Now, if you really want to reject all other requests not starting with "/site1" then you might want to add a default clause in your switch statement and explicitly issue a reject statement in there. 

 when HTTP_REQUEST {  
   switch -glob [string tolower [HTTP::uri]] {  
     "/site1*" -  
     "/site2*" -  
     "/site3*" -  
     "/site4*" {  
       pool Test_Pool  
     } 
     default { 
       reject 
     }  
   }  
 }

Let me know if I'm missing anything or you need more clarification or examples and I'll be glad to help.

-Joe