Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Jonathan_30755's avatar
Jonathan_30755
Icon for Nimbostratus rankNimbostratus
May 24, 2012

Streaming SSL Termination

I'm having an issue with a streaming profile. Currently the profile was created for SSL Termination. With the source being HTTP: and the destination being HTTPS: . The issue is that it re-writes ev...
application delivery
dev
devops
irules
nitass's avatar
nitass
Icon for Employee rankEmployee
May 26, 2012
can you use wildcard only in front of FQDN? 

[root@ve1024:Active] config  b virtual bar list
virtual bar {
   snat automap
   pool foo
   destination 172.28.19.79:80
   ip protocol 6
   rules myrule
   profiles {
      http {}
      stream {}
      tcp {}
   }
}
[root@ve1024:Active] config  b pool foo list
pool foo {
   members 200.200.200.101:80 {}
}
[root@ve1024:Active] config  b rule myrule list
rule myrule {
   when HTTP_REQUEST {
   STREAM::disable
}
when HTTP_RESPONSE {
   if {[HTTP::header value Content-Type] contains "text"}{
      STREAM::expression {@http://[^.]*?\.domain\.com@@ @http://[^.]*?\.domain\.net@@}
      STREAM::enable
   }
}
when STREAM_MATCHED {
   STREAM::replace "[string map {http:// https://} [STREAM::match]]"
}
}

 original content

[root@ve1024:Active] config  curl http://200.200.200.101/test.html
...
http://www.domain.com/something
http://www.google.com/something
http://www.domain.net/something
http://sub.domain.com/something
http://www.yahoo.com/something
...

 replaced content

[root@ve1024:Active] config  curl http://172.28.19.79/test.html
...
https://www.domain.com/something
http://www.google.com/something
https://www.domain.net/something
https://sub.domain.com/something
http://www.yahoo.com/something
...