Skip rewriting of External URLs

Question

I am new to F5 iRules, so please bear with me.&nbsp;
&nbsp;Situation:
&nbsp; 0. Assume my domain is  homedomain.com.
&nbsp; 1. An Extranet of several existing applications and Portal pages. 
&nbsp; 2. Some of the links on the Applications &amp; Portals point to our partner sites (partner1.com; partner2.com).
&nbsp; &nbsp;
&nbsp;My requirement:
&nbsp; When the user clicks on the partner link, currently F5 is rewriting it to proxy the external links. 
&nbsp; My need is to skip/bypass rewriting of any URLs that do not belong to homedomain.com.
&nbsp; Also, I would like to define a "white list of trusted partners" and block all others (For example: to avoid phishing).&nbsp;
&nbsp;How can I achieve that using iRules ?&nbsp;
&nbsp;Many thanks
&nbsp;Dexthor.&nbsp;

the_bhattman · Answer

Hi Dexthor, 
&nbsp;       I believe you can.   
&nbsp;  
&nbsp; I think you might want to take a look at the following wiki section for STREAM::expressions.  The 4th and 5th Example depicts pretty closely to what you want started. 
&nbsp; Click Here 
&nbsp;  
&nbsp;   
&nbsp; In regards to drawing up a while list you should read the following forum that uses datagroups within the STREAM expression; 
&nbsp; Click Here 
&nbsp;  
&nbsp; Combining these 2 pieces of information should get close to what you are looking for. 
&nbsp;  
&nbsp; You can always post details about current method you are using to rewrite the links.  That would help us in the forums to be a bit more specific. 
&nbsp;  
&nbsp; Bhattman 
&nbsp;  
&nbsp;  &nbsp;

hooleylist · Answer

As Bhattman said, I think the last example is closest for doing validation of the links.  If you provide more exact (but anonymized) examples of the response content you do and don't want to rewrite, we can give you more specific ideas on how to implement it.  You could potentially have a whitelist of domains in a string datagroup and then use the class command to check the domains in the STREAM_MATCHED event: 
  From: http://devcentral.f5.com/Wiki/default.aspx/iRules/STREAM__expression
when HTTP_REQUEST {
    Disable the stream filter for all requests
   STREAM::disable
}
when HTTP_RESPONSE {

Check if response type is text  
   if {[HTTP::header value Content-Type] contains "text"}{

Match an http://*example.com string and replace it with nothing yet
      STREAM::expression {&amp;http://.*?example\.com&amp;&amp;}

Enable the stream filter for this response only  
      STREAM::enable  
   }  
}   
when STREAM_MATCHED {

Check if the matched string meets some condition that can't easily be checked for using a single regex in STREAM::expression
   if {[STREAM::match] starts_with "host1"}{

Replace http:// with https:// and do the replacement
      STREAM::replace "[string map {http:// https://} [STREAM::match]]"
      log local0. "[IP::client_addr]:[TCP::local_port]: matched: [STREAM::match], replaced with: [string map {http:// https://} [STREAM::match]]"  
   }
}
 
 http://devcentral.f5.com/Wiki/default.aspx/iRules/class 
 Aaron

Forum Discussion

Skip rewriting of External URLs

Recent Discussions

MAC address of deleted VS IP address still responsive

Different common name ssl acces 403 forbiddent

dynamic signature detection

DNS HM Probe issue

F5 looses the token for the first call

Related Content

CSV to Address External Datagroup File

Rewriting Redirects

Rewriting iRules...LIVE!

External Monitor Information and Templates

TACACS+ External Monitor (Python)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS