Forum Discussion

MGrift_57913
Oct 30, 2012

Return a text string

We are looking to re-direct Microsoft Network Connect Service queries (http://www.msftncsi.com/ncsi.txt) to a virtual server, and serve up the string ourselves via an F5 iRule or other method.

The text file contains the following line:

Microsoft NCSI

Is this possible? We are exceeding our Websense License count by this simple connect script, as computers which are not used to connect to the internet still run up our license count by connecting to this website.

Thanks,

Mark

 

11 Replies

  • nathe
    Mark

    What springs to mind... if you've got v11.1, of course, is iFiles. You could import the ncsi.txt file and set an iRule to reference this when it receives an HTTP request for msftncsi.com

    Hope this helps,

    Nathan

  • nathe
    Mark

    See https://devcentral.f5.com/tutorials/tech-tips/v111-ndashexternal-file-access-from-irules-via-ifiles

    HTH

    Nathan
  • Here you go;

    when HTTP_REQUEST {
       if { [string tolower [HTTP::uri]] ends_with "ncsi.txt" } {
          HTTP::respond 200 content "Microsoft NCSI"
       }
    }

    --Corrected as directed below

    • etem055

      Where should we define this file?

      ncsi.txt

  • I just corrected the bracket and operator.

    [root@ve10:Active] config  b virtual bar list
    virtual bar {
       snat automap
       pool foo
       destination 172.28.19.79:80
       ip protocol 6
       rules myrule
       profiles {
          http {}
          tcp {}
       }
    }
    [root@ve10:Active] config  b rule myrule list
    rule myrule {
       when HTTP_REQUEST {
       if { [string tolower [HTTP::path]] ends_with "ncsi.txt" } {
          HTTP::respond 200 content "Microsoft NCSI" noserver Content-Type "text/html" Connection "Close"
       }
    }
    }
    [root@ve10:Active] config  curl -i http://172.28.19.79/ncsi.txt
    HTTP/1.0 200 OK
    Content-Type: text/html
    Connection: close
    Content-Length: 14
    
    Microsoft NCSI
    
  • Does not sound very kosher though. For example, why block that URI, if in fact you think they should not be allowed to use any Internet service at all?

    Anyways, so you can manage for all HTTP traffic from these clients to come to your F5s? How do you do that? F5 LTM is the gateway?

    In order to use an iRule like suggested, you would need a virtual server listening on an IP that those clients would connect to... You could try and just make that IP the actual Microsoft IP address... Is there only one? What if it changes?

    If you can control the clients, it might be simpler to update their /etc/hosts to point the DNS name to loopback.
  • Please ignore my kosherness remark and accept my apologies. That was wrong and wrong.

    Thanks,

    Mohamed.
  • Thanks as ever nitass. I've corrected my post too just in case someone doesn't scroll down!
  • nathe
    Mark, looks like I was too keen to get a new feature in (relatively new anyway) and overcomplicated matters.

    Thanks Steve / nitass - a lesson learned on keeping things simple ;-)

    N

  • Thanks guys.

    I can't segregate traffic based on IP - the desktop domain is one big DHCP VLAN. I can however answer a DNS call with an IP of my choosing, which is far simpler in my situation.

    This part is precisely what I was looking to do:

    rule myrule {
       when HTTP_REQUEST {
          if { [string tolower [HTTP::path]] ends_with "ncsi.txt" } {
             HTTP::respond 200 content "Microsoft NCSI" noserver Content-Type "text/html" Connection "Close"
          }
       }
    }

    I tried this a dozen different ways which didn't work, but never with the "text/html" field. I'll plug this one in shortly, and verify results.
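
An added example, not part of the original thread and not F5's own code: a stricter variant of the iRule posted above that answers only the exact NCSI probe (host and path both matched) and returns 404 to anything else that reaches the virtual server. It assumes DNS resolves www.msftncsi.com to this virtual server, as the original poster describes; the text/plain content type, the log line and the 404 fallback are choices made for this example.

```tcl
when HTTP_REQUEST {
    # Strip any :port suffix and normalise case before comparing.
    set host [string tolower [getfield [HTTP::host] ":" 1]]
    set path [string tolower [HTTP::path]]

    # Match the full host and the full path, not just a suffix, so that
    # requests such as /anything/ncsi.txt or other hostnames are not answered.
    if { ($host equals "www.msftncsi.com") and ($path equals "/ncsi.txt") } {
        # Body is the 14-byte string from ncsi.txt
        # (Content-Length: 14 in the curl output earlier in the thread).
        HTTP::respond 200 content "Microsoft NCSI" noserver Content-Type "text/plain" Connection "Close"
        return
    }

    # Anything else that lands here is not the probe: record the source
    # address and refuse, rather than forwarding it to a pool.
    log local0.info "non-NCSI request from [IP::client_addr] for host $host"
    HTTP::respond 404 content "" noserver Connection "Close"
}
```

The same `curl -i` check shown earlier in the thread, with `-H "Host: www.msftncsi.com"` added, should return the 200 response; a request without that header should get the 404.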