Forum Discussion
Abe_11636
Cirrus
Cirrussimple irule not forwarding
this is my irule: (for a vip on 443)
when HTTP_REQUEST {
if { [HTTP::host] eq "http://aira.coxnet.cox.net"} {
HTTP::redirect "https://aira.coxnet.cox.net/airnetProp[HTTP::uri]"
}
}
It doesnt get forwarded; if I type in the url it goes in fine
The irule order is the last 1
member: Windows server with IIS ( it would easy to do a url forward from iis
Thanks for any advise
Joe
5 Replies
Peter_72728Nimbostratus
HTTP::host only only contains the host (e.g. aira.coxnet.cox.net) not the protocol. So, the expression in your conditional will always evaluate to false.
Incorrect:
if { [HTTP::host] eq "http://aira.coxnet.cox.net"} {
Better?:
if { [HTTP::host] eq "aira.coxnet.cox.net"} {
richard_77048I see two things with your rule.
First, is that [HTTP::host] is never going to be a full URL. The host portion of the request would be "aira.coxnet.cox.net". Your rule will never match an HTTP host because you will never get one that looks like the one in your rule.
Second, you say this is rule is on an HTTPS vip. Any requests going to this vip are going to be of the form, "https://aira.coxnet.cox.net/???". It looks like what you are trying to do is redirect HTTP requests to HTTPS. If you want all traffic to go over HTTPS, you could configure a vip listening on port 80 and add a rule that redirects all requests to HTTPS. It might look something like this:when HTTP_REQUEST { HTTP::redirect "https://[HTTP::host][HTTP::uri]" }
You could always check the HTTP host on that if you wanted which would make it look like this:when HTTP_REQUEST { if {[HTTP::host] equals "aira.coxnet.cox.net" } { HTTP::redirect "https://[HTTP::host][HTTP::uri]" } }
Richard- richard_77048Crap. I had two examples there but one of them got lost...
The first one was the blanket redirect all traffic to HTTPS:
when HTTP_REQUEST {
HTTP::redirect "https://[HTTP::host][HTTP::uri]"
}
The modification to it was the addition of the HTTP host check:
when HTTP_REQUEST {
if {[HTTP::host] equals "aira.coxnet.cox.net" } {
HTTP::redirect "https://[HTTP::host][HTTP::uri]"
}
}
Richard - Peter_72728It looks like you are also trying to force SSL. So, you need to also check the protocol:
if {[TCP::local_port] equals "80"} {...
or maybe...
if {[HTTP::host] eq "http://aira.coxnet.cox.net" and [TCP::local_port] equals "80"} {... - nitass
Employee
pls feel free to revise.[root@orchid:Active] config b virtual bar443 list virtual bar443 { snat automap destination 172.28.17.88:https ip protocol tcp rules myrule profiles clientssl http tcp } [root@orchid:Active] config b rule myrule list rule myrule { when HTTP_REQUEST { if {[string tolower [HTTP::host]] equals "aira.coxnet.cox.net"} { HTTP::redirect "https://aira.coxnet.cox.net/airnetProp[HTTP::uri]" } } } [root@orchid:Active] config curl -Ik https://aira.coxnet.cox.net/test123 HTTP/1.0 302 Found Location: https://aira.coxnet.cox.net/airnetProp/test123 Server: BigIP Connection: Keep-Alive Content-Length: 0
