For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

wctwf_78814's avatar
wctwf_78814
Icon for Nimbostratus rankNimbostratus
Feb 09, 2009

Validation of iRule HTTPS::REDIRECT

Totally blank on the scripting side of things so here is the scenario for which iRule needs to be written. Looking for some insight here as to what's the logic to apply here.

 

 

Situation Given:

 

----------------

 

website: www.ensynch.com

 

 

Create iRule: HTTPS REDIRECT the above website to https://www.ensynch.com/test/

 

 

Below is what I came up with base on published solution on the forum as the sample iRules:

 

 

rule company.com_https_redirect {

 

when HTTP_REQUEST {

 

HTTP::redirect "https://[HTTP::host][HTTP::uri]" }

 

}

 

 

 

WOULD LIKE TO KNOW IF THERE IS ANYTHING WRONG WITH THE above created iRule or syntax or logic.

 

 

Appreciate your input as I am still trying to get around the various syntax & TCL tit bits.

 

 

WCTWF
application delivery
dev
devops
iRules

4 Replies

  • The_Bhattman's avatar
    The_Bhattman
    Icon for Nimbostratus rankNimbostratus
    Feb 09, 2009
    I suppose you can write it like the following 

     
 when HTTP_REQUEST { 
      if {([HTTP::host] eq "www.ensynch.com") && ([HTTP::uri] ends_with "/") } { 
              HTTP::redirect "[HTTP::host]/test" 
      } 
 }

    This specifically looks for "www.ensynch.com" and also checks if you have an URI, but assumes not to redirect if it the URI already contains /test. Since I you haven't stated exactly what the conditions of the redirect this is a simple point to start with.

    Hope this helps

    CB

    CB
  • wctwf_78814's avatar
    wctwf_78814
    Icon for Nimbostratus rankNimbostratus
    Mar 10, 2009
    CB,

     

     

    Not sure if I understood your last statement about "what the conditions of the redirect".

     

     

    As I indicated in the earlier post that situation is whenever anyone trying to access www.ensynch.com website then request must be redirected to https://www.ensynch.com/test

     

     

    I am thinking above pretty much tells you the condition, event for the iRule. Is it not so?

     

     

    WCTWF
  • lmwf1_55268's avatar
    lmwf1_55268
    Icon for Nimbostratus rankNimbostratus
    Mar 10, 2009
    The control operators are && (read as AND) and || (read as OR). The syntax for AND list is as follows

     

    Syntax:

     

    command1 && command2

     

    command2 is executed if, and only if, command1 returns an exit status of zero.

     

     

    The code cmbhatt provided evaluates:

     

    command1 = ([HTTP::host] eq "www.ensynch.com")

     

     

    AND

     

     

    command2 = ([HTTP::uri] ends_with "/")

     

     

    if BOTH are true, then will redirect.
  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Mar 11, 2009
    Also, you mention that the requests are being made over HTTPS. In order to view/modify the HTTP content on LTM, you will need to decrypt the SSL with a client SSL profile.

     

     

    Aaron