For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Richard_Plenovs's avatar
Richard_Plenovs
Icon for Nimbostratus rankNimbostratus
Sep 25, 2014

SMTP iRule with no need for an actual pool

I'm developping an iRule to serve as a connector for a SMS application. The SMS application requires the client to use a SOAP WEBSERVICE to collect the informations needed for the SMS to be sent. The problem is that I have a client which can only send those informations using SMTP. So I try to make an iRule which is behaving like a dummy SMTP server to collect the information from the client then I use a sideband connection to send this to the SMS application in HTTP. It's working like a charm but I used as a starting point the SMTP proxy iRule found on devcentral. So there is a pool of real SMTP servers associated to my Virtual Server and there is an empty connection establishing between my F5 and the SMTP servers. I would like to change this so no pool is needed but when I do so the F5 terminate the client connection immediately. Here is the code :

 

when CLIENT_ACCEPTED {

 

set flagcontinue 0
TCP::respond "220 smsconnector.domain.com SMSBox Connector\r\n"
TCP::collect 0 0

}

 

when CLIENT_DATA {

 

set cdata [TCP::payload]

if { $cdata contains "EHLO" } {
  TCP::payload replace 0 [TCP::payload length] ""
  TCP::respond "250-smsconnector.domain.com SMSBox Connector Hello\r\n" 
  TCP::release
  TCP::collect
  return
}

if { $cdata contains "MAIL FROM:" } {
  TCP::payload replace 0 [TCP::payload length] ""
  TCP::respond "250 2.1.0 Sender OK\r\n"    
  TCP::release
  TCP::collect
  return
}

if { $cdata contains "RCPT TO:" } {
  TCP::payload replace 0 [TCP::payload length] ""
  TCP::respond "250 2.1.5 Recipient OK\r\n" 
  TCP::release
  TCP::collect
  return
}

if { $cdata contains "DATA" } {
  TCP::payload replace 0 [TCP::payload length] ""
  TCP::respond "354 Start mail input; end with .\r\n"   
  TCP::release
  TCP::collect
  return
}

if { $cdata contains "SMS" } {
  TCP::payload replace 0 [TCP::payload length] ""
  set phone [getfield $cdata ";" 3]
  set login [getfield $cdata ";" 4]
  set pwd [getfield $cdata ";" 5]
  set mess [getfield $cdata ";" 6]
  regsub -all {=..} $mess {} mess

   Routine pour trouver le nom ISO du pays de destination
  if {[string range $phone 0 0] eq "1"} {set country "US"}
  else {
    if {[class match [string range $phone 0 1] equals International_Tel] eq 1}
    {set country [class match -value [string range $phone 0 1] equals International_Tel]}
    else {
      if {[class match [string range $phone 0 2] equals International_Tel] eq 1}
      {set country [class match -value [string range $phone 0 2] equals International_Tel]}
      else {set country "ZZ"}
    }
  }

  set sb_method "POST"
  set sb_uri "/smb00WebService/services/ReceiveSmsService"
  set sb_payload "\r\n\r\n\r\n\r\n\r\n\r\nWIF\r\ntext\r\n\r\n\r\n+$phone\r\n$country\r\n\r\nLIBRE\r\n$mess $login $pwd\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n"
  set sb_header "Authorization: Basic XXXXXXXXXXXXXXXXXXXXX=\r\nHost: smsbox.domain.com\r\nAccept: */*\r\nContent-Type: text/xml; charset=utf-8\r\nContent-Length: [string length $sb_payload]\r\n"
  set data "$sb_method $sb_uri HTTP/1.0\r\n$sb_header\r\n\r\n$sb_payload"
  set conn [connect -timeout 3000 -idle 30 -status conn_status 10.1.1.1:80]
  set send_info [send -timeout 3000 -status send_status $conn $data]
  set http_response [recv -eol -timeout 3000 -status recv_status $conn]
  if { $http_response contains "200 OK" } {
    set soap_response [recv -eol -timeout 3000 -status recv_status $conn]
    set code [getfield [getfield $soap_response "" 2] "" 1]
    if { $code contains "00" } {
      log local0. "Credentials for client +$phone have been sent successfully to SMSBox"
    }
    else {log local0. "A SOAP ERROR occured while sending credentials for client +$phone to SMSBox (SMSBox error code : $code)"}
  }
  else {log local0. "A HTTP ERROR occured while sending credentials for client +$phone to SMSBox (HTTP response : $http_response)"}
  close $conn
  TCP::respond "250 2.6.0 Request sent to SMSBox\r\n"
  TCP::release
  TCP::collect
  return
}

if { $cdata contains "QUIT" } {
  TCP::payload replace 0 [TCP::payload length] "QUIT"
  TCP::respond "221 2.0.0 Service closing transmission channel\r\n" 
  TCP::release
  TCP::close
  return
}

}