For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Mike_Maher's avatar
Mike_Maher
Icon for Nimbostratus rankNimbostratus
Nov 11, 2013

Working with POLICY::rules in 11.4.1

I am trying to move an iRule from 11.2.0 where I am using HTTP_CLASS_SELECTED and HTTP::class and make it work using POLICY::rules. Here is what I am using currently in 11.2.0 that is working fin...
application delivery
deployment
design
devops
iRules
Philippe_CLOUP_'s avatar
Philippe_CLOUP_
Historic F5 Account
Nov 13, 2013

Hi Mike,

the 

POLICY::rules
command requires you to use "matched" like the following

POLICY::rules

Mike_Maher's avatar
Mike_Maher
Icon for Nimbostratus rankNimbostratus
Nov 14, 2013
Ok I think I have worked out. This will load as an iRule and I am pretty sure it work fine based upon preliminary testing I have done. I just did not fully get the wiki on the first pass. To pull what rule is being matched you have to tell the POLICY::rules statement what the name of the policy is that it is looking at. when CLIENT_ACCEPTED { set retries 0 } when HTTP_REQUEST { set policy [POLICY::names matched] if {[POLICY::rules matched $policy] eq "hqdesktop-securera-8000_class-policy-rule"}{ set backup_pool PHX-hqdesktop-8000.edwardjones.com_pool } if {[POLICY::rules matched $policy] eq "desktop-securera-8000_class-policy-rule"} { set backup_pool PHX-desktop-8000.edwardjones.com_pool } } when LB_FAILED { if { $retries < [active_members $backup_pool] } { LB::reselect pool $backup_pool incr retries } }