Forum Discussion
how to insert Basic Authorization into http header while redirecting
when CLIENT_ACCEPTED {
set hsl [HSL::open -proto UDP -pool hsl_syslog_pool]
}
when CLIENTSSL_HANDSHAKE {
SSL::collect
}
}
when CLIENTSSL_DATA {
if { [regexp {(\d{8})(\d{15})} [SSL::payload] -> tid mid] } {
HSL::send $hsl "Client: [IP::client_addr] is using [SSL::cipher version]. SSL Cipher:[SSL::cipher name]. Virtual:[virtual]. SSL Profile:[PROFILE::clientssl name]. tid=$tid mid=$mid."
}
SSL::release
}
} else {
If we did not have a TID OR MID in the transaction then just log the info that we have
HSL::send $hsl "SSL_CUSTOM: No TID or MID TYPE found for Client: [IP::client_addr] is using [SSL::cipher version]. SSL Cipher:[SSL::cipher name]. Virtual:[virtual]. SSL Profile:[PROFILE::clientssl name]."
}
}
you mean this one, don't you? if yes, it looks okay to me.
when CLIENT_ACCEPTED {
set hsl [HSL::open -proto UDP -pool hsl_syslog_pool]
}
when CLIENTSSL_HANDSHAKE {
SSL::collect
}
when CLIENTSSL_DATA {
if { [regexp {(\d{8})(\d{15})} [SSL::payload] -> tid mid] } {
HSL::send $hsl "Client: [IP::client_addr] is using [SSL::cipher version]. SSL Cipher:[SSL::cipher name]. Virtual:[virtual]. SSL Profile:[PROFILE::clientssl name]. tid=$tid mid=$mid."
} else {
If we did not have a TID OR MID in the transaction then just log the info that we have
HSL::send $hsl "SSL_CUSTOM: No TID or MID TYPE found for Client: [IP::client_addr] is using [SSL::cipher version]. SSL Cipher:[SSL::cipher name]. Virtual:[virtual]. SSL Profile:[PROFILE::clientssl name]."
}
SSL::release
}
- Mayur_SutareSep 18, 2020
MVP
,
With this, your virtual server itself won't show/become available. Kindly configure a pool and add required node under it with service port where your service/application is running. So F5 will forward request to the node on configured service. With this, if pool come up, your virtual server will also become available once you configure iRule on it. And it will work as expected.
when CLIENT_ACCEPTED { pool POOL_NAME }
Hope it helps!
- Pedro_BoavidaSep 18, 2020
Nimbostratus
Hi,
The missing code in the irule performs a name lookup to determine its IP address (dynamic).
It used to work before.
Thanks for your help anyway.
Regards
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com