Forum Discussion

Nimbostratus

Apr 02, 2019

Want to create a Irule in BIG-IP 11.5.1 Build 10.0.180 Hotfix HF10

We need to create irule to allow if clients connects on port 21, 23, 443, 990 it has to go different pool, Example pool name: tcp port 21 has to go for the pool Globalscape-HA-servers-SSH-pool ...

application delivery

iRules

rob_carr

Cirrocumulus

Apr 03, 2019

Reformatting your rule for readability:

    when CLIENT_ACCEPTED {
    if {[TCP::remote_port] == 21} {
        pool Globalscape-HA-servers-SSH-pool      
    } elseif {[TCP::remote_port] == 23} {
        pool Globalscape-HA-servers-Telnet-pool         
    } elseif {[TCP::remote_port] == 990} {
        pool Globalscape-HA-servers-990-pool
    } elseif {[TCP::remote_port] == 443} { 
        pool Globalscape-HA-servers-SSL-pool 
    } else { 
        discard 
    }
}

Are you sure this is working in v12?

I ask because in the clientside contex, TCP::remote_port returns the client's source port, while the logic of your rule is interested in the client's destination port.

I suggest rewriting this rule with TCP::local_port, then testing to see if you are getting the desired outcome.

You might also want to look into replacing your if/else construct with the switch construct, for efficiency sake.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)