Send a POST API Request via iRule

Question

Hello team.Help me please with sending a POST api request via iRule. What I want is somethink like this:&nbsp;&nbsp;&nbsp;when ASM_REQUEST_VIOLATION {
    *I don't know what command should be here* "POST /sample/post/json%0A HTTP/1.0

Host: test.com
 {Client_address: IP::client_addr}"
 }&nbsp;&nbsp;or just:&nbsp;when ASM_REQUEST_VIOLATION {
    *send via API to another host* "Client_address= IP::client_addr"
 }&nbsp;So the main goal is send Client Address from Violation event to another host via API. Is it possible to do something like that?

xuwen · Answer

send POST method should use the iRules sideband method. The difficulty is whether your server POST does not require username, password or Token authentication about F5?
https://clouddocs.f5.com/api/irules/SIDEBAND.html&nbsp;
firstly, F5 whether can ping NGFW and telnet NGFW 80(assume NGFW api service port is 80)?
secondly, if F5 can not telnet NGFW 80,&nbsp; F5 need to add network route to NGFW, make sure F5 can telnet NGFW 80
here is the http post api code(NGFW api service mode does not work in https://xxxx mode), NGFW(example NGFW ip is 10.0.0.10, api service port is 80) with no&nbsp;authentication for POST&nbsp;
&nbsp;
&nbsp;
&nbsp;
when ASM_REQUEST_DONE priority 500 {
    set asm_ip [ASM::client_ip]
    set asm_json "\{\"Client_address\":$asm_ip\}"
    set content_length [string length $asm_json]
    set data "POST /sample/post/json HTTP/1.0
Host: test.com
Content-type: application/json
Content-Length: ${content_length}

${asm_json}"
    if { [catch {connect -time 1000 -idle 30 -status conn_status 10.0.0.10:80} conn_id] == 0 &amp;&amp; $conn_id ne "" } {
        log local0. "Connect returns: $conn_id and conn status: $conn_status"
        set send_bytes [send -timeout 1000 -status send_status $conn_id $data]
        log local0. "Sent $send_bytes with status $send_status"
        close $conn_id
        return
    } else {
        log local0. "Connection could not be established to NGFW"
        return
    }
}
&nbsp;
&nbsp;
&nbsp;

juergen_mang · Answer

To send http requests with iRules, I always use this:
https://clouddocs.f5.com/api/irules/HTTP-Super-SIDEBAND-Requestor-Client-Handles-Redirects-Cookies-Chunked-Transfer-APM-Access-etc.html
It works like a charme and handles all the http parts for you.

ca_valli · Answer

I agree with the other MVP's here, sideband works like a charm - just yesterday I was deploying a new service that needs to trigger an API connection to an external database to retrieve some info that I use to distribute the packet, and I'm using sideband for that.

boneyard · Answer

Where you able to get something working Aantat ?

aantat · Answer

Hi&nbsp;boneyard.Unfortunately I didn't

Forum Discussion

Send a POST API Request via iRule

Recent Discussions

Installing a PKCS 12 File onto an F5 Device

Irule to allow specific IPs

Uploading SKCS 12 File to F5 Device

F5 not Identifying Parameter in Text/Plain Upload

Migration from physical Hardware to R series

Related Content

Select Request Logging Profile via iRule

SAML SLO request ignored on iRules

BIG-IP send gratuitous ARP when force standby?

client request rule

ng_export with Per Request Policies