rewrite ldaps request

Question

Hello,&nbsp;I have to rewrite an LDAPs request by an irule. My goal is replace a string by another one. Here is objectClass=person to objectClass=*&nbsp;I tried differents things but LDAP server doesn't understand what I sent to it.&nbsp;Here is my code. I put key word "LDAP" in my log to grep it easily&nbsp;Code
when RULE_INIT {
     translate into hexa
    binary scan "objectClass=person" H* static::class1
    binary scan "objectClass=*" H* static::class2
}

when CLIENTSSL_HANDSHAKE {
SSL::collect
}

when CLIENTSSL_DATA {
     binary scan [SSL::payload] H* temp(hex_ssl_payload)
     if { $temp(hex_ssl_payload) contains $static::class1 } then {
       SSL::payload replace 0 $static::class1 $static::class2
    } else {
            log -noname local0.debug "LDAP request NOK"
}
    SSL::release
}I don't really know if the tranlation into hexa is the right way.&nbsp;Regards&nbsp;

cwat_115731 · Answer

Finallaly I success what I wanted.
Here is my new question.
The LDAP VIP is an offload VIP. Between the F5 and the ldap server is LDAP and not LDAPs.&nbsp;
How can I do after ssl::release to change it to tcp::release ?&nbsp;
Regards&nbsp;

Forum Discussion

rewrite ldaps request

Recent Discussions

F5 BIG-IP

BIG-IP Oauth Client and AS

How to Renew F5 Device Certificate

Use of SSL Decryption.

Big IP DNS Failover

Related Content

Rewriting Redirects

LDAP Proxy

iRules Recipe 2: Transparent Request Target Rewriting

Rewriting iRules...LIVE!

Logging DNS Requests

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS