Forum Discussion
Kevin_Jones_505
Feb 16, 2007 (Historic F5 Account)
Telnet Proxy iRule
We would like an iRule that would accept a client connection on port 23, prompt the user for the desired destination (host name or IP), and then open an associated telnet session to an external host.
Our site doesn't allow employees to go directly to these external servers. Currently, our firewalls perform this proxy function, but they are being migrated to another platform that doesn't support this feature.
The virtual server associated with this iRule would be a host address and not associated with any pool; it would likely do SNAT Automap also.
Generally, we guess it would be something like:
when CLIENT_ACCEPTED {
    # Send a prompt across the client connection asking for the desired destination device
}
when CLIENT_DATA {
    # collect data ...
    # if valid IP address, connect to server
    # if valid hostname, resolve externally and then connect to server
    # if neither a valid IP address nor a hostname, prompt the user again
}
Does this sound plausible? Any hints or help would be appreciated.
thanks
2 Replies
- Kevin_Jones_505 (Historic F5 Account)
Thanks, Colin. This is a beginning. Hmm. I see your suggestion seems to include a SERVER_CONNECTED event, and while this should happen in this application, no decisions are needed at that point. I suspect I didn't explain the problem well or I don't understand your solution.
The TCP::respond command looks very useful. It would seem we would have something like:
Client side connection, iRule sends prompt, gathers client input
when CLIENT_ACCEPTED {
    TCP::respond "Enter the IP address of destination site.\r\n"
    # Collect without a byte count so CLIENT_DATA fires on whatever the user
    # types (a fixed count larger than the typed line would never trigger it)
    TCP::collect
}
Once client data collected, verify whether it's a valid IP
when CLIENT_DATA {
    # Wait for a complete line before trying to parse anything
    if { ! [regexp {\n} [TCP::payload]] } {
        TCP::collect
        return
    }
    # Pull a dotted quad out of the line; inside a Tcl bracket expression the
    # class is [[:digit:]], and regexp stores the match in $ip when given a varname
    if { [regexp {([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}} [TCP::payload] ip] \
         && [matchclass $ip equals $::validIPs] } {
        node $ip
        # No separate "open serverside connection" statement is needed: LTM
        # connects to the node when the collected payload is released
        TCP::release
    } else {
        TCP::respond "The IP address is invalid. Hostnames are currently not supported...\r\n"
        # Discard the bad input and go back to collecting for a fresh line
        TCP::payload replace 0 [TCP::payload length] ""
        TCP::collect
    }
}
Now, once we have a valid IP address (I'm letting host names go for now), we would need to open a telnet connection to that device. It would seem appropriate if we could do that once the IP address is deemed valid, just after "node" is assigned $ip.
Once the server side connection is formed, the iRule is no longer needed.
We'll keep working on it, but I know we've got a bit to go.
Thanks again!
- Kevin_Jones_505 (Historic F5 Account)
Well, we've got our base functionality working with this:
when CLIENT_ACCEPTED {
    TCP::respond "Enter the IP address of destination site.\r\n"
    # Wait for exactly 15 bytes, i.e. a dotted quad in XXX.XXX.XXX.XXX form
    TCP::collect 15
}
when CLIENT_DATA {
    # Use the collected bytes verbatim as the destination address
    set ip "[TCP::payload]"
    node $ip
    # Release the buffered data; LTM opens the serverside connection to $ip
    TCP::release
}
It's not user friendly; they must enter IP addresses in XXX.XXX.XXX.XXX format (leading zeros when needed) and host names aren't supported, but it works. Next two steps: add SNAT for return routing and make the IP address input better. If all goes well, then add hostname support.
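The two follow-up items in the post above, tolerant IP input and (later) hostname support, are really one decision function: take what the client typed, turn it into an address, and refuse anything not on the approved list, since a proxy that connects wherever the user asks is an open relay. An iRule only runs on a BIG-IP, so the following is an added Python model of that CLIENT_DATA logic, not code from the thread or from F5. It strips telnet option negotiation (IAC sequences) before parsing, accepts dotted quads with or without leading zeros, and returns the same three outcomes the iRule has: keep collecting, re-prompt, or connect. The `ALLOWED_DESTINATIONS` list and the `HOSTNAME_TABLE` stand-in for external DNS are constructed for the demo; a real deployment would resolve live and then still check the answer against the allowlist.

```python
"""Destination parsing and allowlist check for a "choose your host" telnet
proxy, modelled on the iRule CLIENT_DATA step.  Added example; the
allowlist and hostname table are constructed for the demo."""
import ipaddress
from typing import Callable, Optional, Tuple

IAC, SB, SE = 255, 250, 240
WILL, WONT, DO, DONT = 251, 252, 253, 254

# Constructed allowlist of external hosts employees may reach; this plays
# the role of the $::validIPs data group in the iRule.
ALLOWED_DESTINATIONS = [
    ipaddress.ip_network("203.0.113.0/24"),
    ipaddress.ip_network("198.51.100.7/32"),
]

# Constructed stand-in for external DNS so the example runs offline.
HOSTNAME_TABLE = {
    "bastion.example.net": "203.0.113.10",
    "router1.example.net": "198.51.100.7",
}


def strip_telnet_iac(data: bytes) -> bytes:
    """Remove telnet option negotiation so it is never parsed as user input."""
    out = bytearray()
    i = 0
    while i < len(data):
        b = data[i]
        if b != IAC:
            out.append(b)
            i += 1
            continue
        if i + 1 >= len(data):
            break                                   # truncated command, drop it
        cmd = data[i + 1]
        if cmd == IAC:                              # IAC IAC is a literal 0xFF
            out.append(IAC)
            i += 2
        elif cmd in (WILL, WONT, DO, DONT):         # IAC <cmd> <option>
            i += 3
        elif cmd == SB:                             # subnegotiation up to IAC SE
            end = data.find(bytes([IAC, SE]), i + 2)
            i = len(data) if end < 0 else end + 2
        else:                                       # two-byte command (NOP, AYT, ...)
            i += 2
    return bytes(out)


def parse_destination(line: str,
                      resolve: Callable[[str], Optional[str]]
                      ) -> Optional[ipaddress.IPv4Address]:
    """Turn the typed text into an IPv4 address: a dotted quad (leading zeros
    tolerated) or a hostname the resolver knows.  None if neither."""
    text = line.strip()
    if not text:
        return None
    quad = text.split(".")
    if len(quad) == 4 and all(p.isdigit() and len(p) <= 3 for p in quad):
        try:
            # int() drops leading zeros, so "203.000.113.005" is accepted
            return ipaddress.IPv4Address(".".join(str(int(p)) for p in quad))
        except ipaddress.AddressValueError:
            return None                             # e.g. an octet above 255
    resolved = resolve(text.lower())
    return ipaddress.IPv4Address(resolved) if resolved else None


def is_allowed(ip: ipaddress.IPv4Address) -> bool:
    """The allowlist check; without it the proxy is an open relay."""
    return any(ip in net for net in ALLOWED_DESTINATIONS)


def handle_client_input(buf: bytes,
                        resolve: Callable[[str], Optional[str]] = HOSTNAME_TABLE.get
                        ) -> Tuple[str, Optional[str]]:
    """One CLIENT_DATA step over the bytes collected so far.
    Returns ("collect", None) until a full line has arrived,
    ("prompt", message) to ask again, or ("connect", ip_string)."""
    cleaned = strip_telnet_iac(buf)
    if b"\n" not in cleaned:
        return ("collect", None)
    line = cleaned.split(b"\n", 1)[0].decode("ascii", "replace")
    ip = parse_destination(line, resolve)
    if ip is None:
        return ("prompt", "Not a valid IP address or known hostname, try again.\r\n")
    if not is_allowed(ip):
        return ("prompt", f"{ip} is not an approved destination, try again.\r\n")
    return ("connect", str(ip))


if __name__ == "__main__":
    # Constructed client inputs, including a client that negotiates first
    for sample in (b"203.0.", b"\xff\xfd\x03203.000.113.005\r\n",
                   b"router1.example.net\r\n", b"10.0.0.1\n", b"999.1.1.1\n"):
        print(sample, "->", handle_client_input(sample))
```

The "collect" outcome is what the iRule needs in place of a fixed `TCP::collect` byte count: the handler is called on every chunk and only acts once a newline has arrived, so the user is not forced into the 15-character XXX.XXX.XXX.XXX form. The allowlist check runs on the resolved address, not on the hostname, so a name that resolves to something off-list is refused the same way a raw address would be.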