Forum Discussion
NimbostratusTCL Error on iRule
Upgraded from 11.2.1 HF13 to 11.2.1 HF15+Engineering fix today and we are now seeing the following error in our LTM log. This iRule rewrites the user agent for incoming connections to a specific a virtual server.
TCL error: /Common/iRule_Name <833d3f7a-636f-4cfa-99da-96a9bd8d6ac6> - Operation not supported (line 1) invoked from within "HTTP::header replace "User-Agent" " Mozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/26.0 FF5R6" " ("safari" arm line 1) invoked from within "switch -glob [string tolower [HTTP::header "User-Agent"]] { "chrome" { HTTP::header replace "User-Agent" "Mozilla/5.0 (Windows; U; Windows NT 6.0; ..."
We've been using this iRule for quite sometime (years) without any issue. Here is the iRule:
when HTTP_REQUEST {
if {[string tolower [HTTP::header User-Agent]] contains "windows nt 6." }{
switch -glob [string tolower [HTTP::header "User-Agent"]] {
"*chrome*" { HTTP::header replace "User-Agent" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.8) Gecko/20100101 Firefox/26.0 FF5R1" }
"*safari*" { HTTP::header replace "User-Agent" " Mozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/26.0 FF5R2" }
}
}
elseif {[string tolower [HTTP::header User-Agent]] contains "windows nt 5." }{
switch -glob [string tolower [HTTP::header "User-Agent"]] {
"*chrome*" { HTTP::header replace "User-Agent" "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.9.2.8) Gecko/20100101 Firefox/26.0 FF5R3" }
"*safari*" { HTTP::header replace "User-Agent" " Mozilla/5.0 (Windows NT 5.1; rv:2.0.1) Gecko/20100101 Firefox/26.0 FF5R4" }
}}
else {
switch -glob [string tolower [HTTP::header "User-Agent"]] {
"*chrome*" { HTTP::header replace "User-Agent" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.8) Gecko/20100101 Firefox/26.0 FF5R5" }
"*safari*" { HTTP::header replace "User-Agent" " Mozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/26.0 FF5R6" }
}
}
log local0. "[IP::client_addr] [HTTP::header User-Agent] "
}
Any assistance would be appreciated. Thanks.
2 Replies
Stanislas_Piro2Cumulonimbus
Hi,
Do you have another irule assigned to the same VS (and above)? Does this irule contains HTTP::respond or HTTP::redirect actions?
John_FerrinWe do have 2 other iRules on that virtual server. The user agent re-write is the first listed. The next has the following code in it (not the prettiest or most efficient code but it's worked).
when HTTP_REQUEST { if { [HTTP::uri] contains "/useradmin/"} { redirect to "/" } if { [HTTP::uri] contains "/nwa/"} { redirect to "/" } if { [HTTP::uri] contains "/wsnavigator/"} { redirect to "/" } if { [HTTP::uri] equals "/webdynpro/welcome/Welcome.jsp"} { redirect to "/" } if { [HTTP::uri] contains "/uddiclient/"} { redirect to "/" } if { [HTTP::uri] contains "/sap/monitoring/"} { redirect to "/" } if { [HTTP::uri] equals "/SQLTrace/index.html"} { redirect to "/" } if { [HTTP::uri] equals "/index.html"} { redirect to "/" } } `The last one contains the following code.`when HTTP_REQUEST { if { [info exists MAINTMODE] and $MAINTMODE eq "on" } { HTTP::respond 302 Location "http://hostname.company.us/portal_down/index.html" } elseif { [HTTP::uri] equals "/"} {HTTP::redirect "/irj/portal/" } }So yes, they both have HTTP::respond and redirect action in them. It's always been our understanding that iRules simply process in order. One after the other. We've been doing multiple iRules on virtual servers with most of them containing a respond or redirect action for years. Was this a recent change in behavior if it's not allowed?
