Forum Discussion

Steven_87308's avatar
Steven_87308
Icon for Nimbostratus rankNimbostratus
Feb 10, 2012

stuck on first complex irule - req for help

I'm writing to ask for help with the design of an irule solution. My goal is to get various URIs to either redirect to SSL during authentication, or to fail pass http through to a standard pool. ...
application delivery
dev
devops
iRules
nitass's avatar
nitass
Icon for Employee rankEmployee
Feb 11, 2012
this is based on richard's suggestion. 

root@ve1110(Active)(/Common)(tmos) list ltm virtual bar
ltm virtual bar {
    destination 172.28.19.252:80
    ip-protocol tcp
    mask 255.255.255.255
    profiles {
        http { }
        tcp { }
    }
    rules {
        myrule
    }
    snat automap
    vlans-disabled
}
root@ve1110(Active)(/Common)(tmos) list ltm rule myrule
ltm rule myrule {
    when HTTP_REQUEST {
   set uri [HTTP::uri]
   switch -glob [string tolower $uri] {
      "/path1*"  -
      "/path2*"  { HTTP::redirect "https://[HTTP::host][HTTP::uri]" }
      "/path3*"  -
      "/path4*" { pool pool1 }
      default  { pool pool2 }
   }
}

when HTTP_RESPONSE {
   log local0. "[IP::client_addr]:[TCP::client_port] | $uri | [IP::remote_addr]:[TCP::remote_port]"
}
}
root@ve1110(Active)(/Common)(tmos) list ltm pool pool1
ltm pool pool1 {
    members {
        200.200.200.101:80 {
            address 200.200.200.101
        }
    }
}
root@ve1110(Active)(/Common)(tmos) list ltm pool pool2
ltm pool pool2 {
    members {
        200.200.200.102:80 {
            address 200.200.200.102
        }
    }
}

[root@ve1110:Active] config  curl -I http://172.28.19.252/path1/whatever?a=1
HTTP/1.0 302 Found
Location: https://172.28.19.252/path1/whatever?a=1
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

[root@ve1110:Active] config  curl -I http://172.28.19.252/path2/whatever?a=1
HTTP/1.0 302 Found
Location: https://172.28.19.252/path2/whatever?a=1
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

[root@ve1110:Active] config  curl -I http://172.28.19.252/path3/whatever?a=1
HTTP/1.1 404 Not Found
Date: Sat, 11 Feb 2012 02:50:43 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=iso-8859-1

[root@ve1110:Active] config  curl -I http://172.28.19.252/path4/whatever?a=1
HTTP/1.1 404 Not Found
Date: Sat, 11 Feb 2012 02:50:53 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=iso-8859-1

[root@ve1110:Active] config  curl -I http://172.28.19.252/whatever?a=1
HTTP/1.1 404 Not Found
Date: Sat, 11 Feb 2012 02:46:23 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=iso-8859-1

[root@ve1110:Active] config  cat /var/log/ltm
Feb 10 18:42:08 tmm info tmm[7321]: Rule /Common/myrule : 172.28.19.253:46156 | /path3/whatever?a=1 | 200.200.200.101:80
Feb 10 18:42:18 tmm info tmm[7321]: Rule /Common/myrule : 172.28.19.253:46160 | /path4/whatever?a=1 | 200.200.200.101:80
Feb 10 18:42:23 tmm info tmm[7321]: Rule /Common/myrule : 172.28.19.253:46162 | /whatever?a=1 | 200.200.200.102:80