Forum Discussion
AltocumulusUnset a static variable
We have an iRule that compares the host-header against a list of host names in an internal data-group. The iRule is assigning the data-group to a static variable in RULE_INIT, which leads to some odd behavior when modifying the data-group. On most occasions, changes to the data-group are reflected immediately in the iRule; however, there are times when the iRule doesn't update the variable. When the latter happens, it is sometimes fixed by removing the iRule and adding it back, but sometimes this doesn't even work. Based on some other articles, I've also tried modifying the iRule by adding some white space to force a new checksum on the iRule. I seem to have inconsistent results.
I've seen the unset command, but I'm not sure how it should be used in practice. Would I just temporarily add this at the end of the iRule and then remove it after it has been re-initiated? I assume it would not make sense to leave it in the iRule permanently because it would defeat the purpose of using static in the first place.
Here is a little snippet of the iRule. I'm testing this on 14.1 if it matters.
when RULE_INIT {
set static::badDomains "badDomains"
}
when HTTP_REQUEST {
if { ([class match [getfield [HTTP::host] ":" 1] ends_with $static::badDomains]) } {
HTTP::respond 301 Location "http://www.website.com/baddomain.html"
}
}
cjuniorNacreous
Hi,
Are you facing issue on data group values or iRule deployment that not reflect on requests?
In static variable, you are storing the data group name. Maybe I'm wrong, but It don't make sense to not reflect that data group updates as you are checking those values on the fly.
Can you confirm that issue occurs both to a new and existing connections?
Have you tried to log the data group count and values to know what are ready to be matched?
It is just an idea to troubleshooting.
e.g.
when HTTP_REQUEST { log local0. "DG Name: $static::badDomains | DG count: [class size $static::badDomains] | DG items: [class names $static::badDomains]" }The unset command make sense when you are defining and using variables and then need to delete it from memory:
when HTTP_REQUEST { set myVar "devcentral" log local0. "myVar value is: $myVar" unset myVar if { not [info exists myVar] } { log local0. "myVar was deleted" } }Regards
Roland00Thanks for the response. I'm not sure I understand your first question. If we add a domain to the data-group, we generally see requests for the new 'bad domain' do not match the condition. We see the similar behavior when we remove a 'bad domain'. I assume this is a result of using a static variable which only updates during initiation of the iRule (or unsetting). I don't know the best way to force it to update, though. I've had limited success unassigning the iRule.
I've never used a static before; If I were writing it myself, I would just reference the data-group directly in the 'if' condition. I believe a static was used because the data-group is only modified once a month. Additionally, it is applied to a high volume website so I assume there are some efficiencies in using a static.
I was using curl to test, so I did confirm the behavior occurs with new connections, but I will do some more testing with a log statement similar to what you provided. I wasn't sure the best way to get insight into the data-group and static.
Thanks
- cjunior
Sorry for the inconvenience.
The RULE_INIT event is in a global scope, so when you declare a static variable, you are setting it for all contexts. When you update the static variable values, it should affect all running contexts when iRule is updated.
Working with local variables, usually the old connections will not take the new iRule version and values. So, only the new connections will take the new values and updates.
Furthermore, It sounds weird to me that you can not read the entries changes on the data group since you are storing the data group name reference to match that list at runtime, right?
See:
https://clouddocs.f5.com/api/irules/RULE_INIT.html?highlight=rule_init
Regards.