Simple Rule ? (I think)

Question

This will be my first time implementing rules on an BIGIP so I have a few quick questions.  I have about 30 different URL's that will be hitting my BIGIP (ex..  myweb.com, myweb.org, test.myweb.com) and a portion of the URL has the same name.  Would I use "HTTP_URI contains myweb" or is there an easier way to determine that.  Or is there a way that I can say here are all the URI's that belong in this group then check that.  I see there are sets is that what they are used for.  Out of my 30 URL's they are broken up into three groups. 
&nbsp;  
&nbsp; Thanks in advance.

mike_pones_6391 · Answer

Sorry I meant "Classes".

scott_tennican_ · Answer

First, I think you want to test the http_host not the http_uri. 
 If there is a single substring which identifies the pool to select, 
 use a simple "contains" operator:

rule myrule { 
    if (http_host contains "myweb") { 
       use pool pool1 
    } 
    else if (http_host contains "bobweb") { 
       use pool pool2 
    } 
    else { 
       use pool pool3 
    } 
 }

On the other hand, if there are multiple substrings which identify the 
 pool to select, use a "contains one of" operator:

class their_class { 
     "bobweb" 
     "danweb" 
 } 
 class our_class { 
     "yourweb" 
     "myweb" 
 } 
  
 rule myrule { 
    if (http_host contains one of our_class) { 
       use pool pool1 
    } 
    else if (http_host contains one of their_class) { 
       use pool pool2 
    } 
    else { 
       use pool pool3 
    } 
 }

mike_pones_6391 · Answer

Thanks for your answer gumby.  I was looking in the documentation and I wanted to make sure I understand the diff between the http_uri and http_host.   
&nbsp;  
&nbsp; Is the following correct? 
&nbsp; Actual URL = http://www.myweb.com/test.asp 
&nbsp; HTTP_HOST = www.myweb.com 
&nbsp; HTTP_URI = test.asp 
&nbsp;  
&nbsp; If this is correct then I can definitely use the http_host to decide which of the 3 groups the request should be forwarded to via classes.  Your second example is closer to my requirements; I have 30 domains that are forwarded to 3 different pools depending on the actual domain.  Then I also have an instance where there might be the "test.asp" at the end of the URL and I can use the http_uri to make that decision once I get it into the correct group. 
&nbsp;  
&nbsp; You should see the requirements that I have for this project, just trying to take it one step at a time.  LOL 
&nbsp;  
&nbsp; Thanks again... &nbsp;

scott_tennican_ · Answer

Almost correct. 
&nbsp; Your http_uri is /test.asp. 
&nbsp;  
&nbsp; Take a look using: 
&nbsp; tcpdump -X -s 1600 -i external port http 
&nbsp;  
&nbsp; Good luck and let me know if you have trouble with your mondo configuration. &nbsp;

scott_tennican_ · Answer

Nope, it's not possible to parse encrypted traffic. 
&nbsp; So, you'll need to configure an SSL decryption proxy which targets 
&nbsp; your http virtual (probably on a loopback address).  Read the SSL Accelerator Proxies section of your Reference Guide for more details.  Once you have the traffic decrypted then, yes, more than one virtual can reference the same rule. 
&nbsp;  &nbsp;

Forum Discussion

Simple Rule ? (I think)

Recent Discussions

XC Bot defense question

LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

NetScaler to F5 Migration

Application only need to access from 2 uris

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

Related Content

Simple Sideband - iRule sideband the easy way

BIG-IP Solutions: Simple URL Redirects

F5 Distributed Cloud Origin Server Subset Rules

Simple iRulesLX JSON rewrite

Making WAF Simple: Introducing the OWASP Compliance Dashboard

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS