Forum Discussion
Michael_Mau_108
Nimbostratus
NimbostratusREGEXP parsing URI
Hello all,
I have a customer who assigns each of his 100+ users with a service name, so he is able to indentify who each customer group is, and what environment they are trying to access (acceptance, test, or production. And example is XML_TCPP_T (test example). This service name is always capitol, and always the first part of the URI.
I have created an I-rule that should compare this service name, and reject requests based on whether it matches or not; but and having problems. I am not showing any errors in the i-rule stats, but the customer is saying requests that should be rejected are passing though.
We are currently using v.9.0.1, but have certified and are upgrading to v9.3.1 shortly. The only thing I can think of, is the "discard" line is not working as expected. I was hoping someone could take a look at my i-rule, or was wondering if there are any known errors with the discard command in my current version.
when HTTP_REQUEST {
if { [regexp matches_regex {XML_[A-Z]*_(P|T)} [HTTP::uri]] }
{
discard
}
}
Thanks for any unsight you can provide.
-Mike
- The_BhattmanHi Mike,
Regular expressions take too long. I think you can get this done by performing the following
switch [HTTP::uri] {
"XML_[A-Z]*_P " {
Do something
}
"XML_[A-Z]*_T" {
Do something
}
}
If it doesn't match these 2 switch statements it terminates. There is a 101 article on it.
http://devcentral.f5.com/Default.aspx?tabid=63&articleType=ArticleView&articleId=129 - Don't forget the "-glob" argument to switch to enable the "file-globbing" matching.
switch -glob [HTTP::uri] { "XML_[A-Z]*_P" { do something } "XML_[A-Z]*_T" { do something } default { do something else } }
If you want to combine the first two cases, you could use eitherswitch -glob [HTTP::uri] { "XML_[A-Z]*_[PT]" { do something } default { do something else } }
orswitch -glob [HTTP::uri] { "XML_[A-Z]*_P" - "XML_[A-Z]*_T" { do something } default { do something else } }
-Joe 
Michael_Mau_108Thanks for the replies. I appreciate it. I still have to put more thought into which version would be the most effective:
when HTTP_REQUEST {
switch -glob [HTTP::uri] {
"XML_[A-Z]*_P" -
"XML_[A-Z]*_T"
{
drop
}
default {
pool pool-default
}
}
}
OR
when HTTP_REQUEST {
switch -glob [HTTP::uri] {
"XML_[A-Z]*_T"
{
pool pool-default
}
default {
drop
}
}
}
Either way I go about it, I will have to create a unique i-rule for each unique VIP. Is there any way to send the request to which ever pool is defined within the VIP that the rule is applied to, rather than send to a pool within the I-rule?
Is there any way to say within the rule, to match a URI and reject that request, and if there are no matches, to not use a default statement; or is the request automatically dropped if there is no match for HTTP::uri?
Thanks for the help.- Nicolas_Menant
Employee
If your iRule doesn't match anything the BIGIP will use the pool defined in your vs configuration.
But if you use a default statement in your switch command to discard everything then you'll never use your default pool defined.
So if you want to do so you need to use the first statement where you can remove the default statement then. Should look like this
when HTTP_REQUEST {
switch -glob [HTTP::uri] {
"XML_[A-Z]*_P" -
"XML_[A-Z]*_T"
{
drop
}
}
}
You should even be able to remove the statement "XML_[A-Z]*_P" - since you don't do anything with it. It will save processing.
HTH
