20 Lines or Less #1

Yesterday I got an idea for what I think will be a cool new series that I wanted to bring to the community via my blog.  I call it "20 lines or less".  My thought is to pose a simple question: "What can you do via an iRule in 20 lines or less?".

Each week I'll find some cool examples of iRules doing fun things in less than 21 lines of code, not counting white spaces or comments, round them up, and post them here.  Not only will this give the community lots of cool examples of what iRules can do with relative ease, but I'm hoping it will continue to show just how flexible and light-weight this technology is - not to mention just plain cool.

I invite you to follow along, learn what you can and please, if you have suggestions, contributions, or feedback of any kind, don't hesitate to comment, email, IM, whatever. You know how to get a hold of me...please do. ;) I'd love to have a member contributed version of this once a month or quarter or ... whatever if you guys start feeding me your cool, short iRules.

Ok, so without further adieu, here we go. The inaugural edition of 20 Lines or Less.

For this first edition I wanted to highlight some of the things that have already been contributed by the awesome community here at DevCentral. So I pulled up the Code Share and started reading. I was quite happy to see that I couldn't even get halfway through the list of awesome iRule contributions before I found 5 entries that were neat, and under 20 lines (These are actually almost all under 10 lines of code - wow!)

Kudos to the contributors. I'll grab another bunch next week to keep highlighting what we've got already!

Cipher Strength Pool Selection

Ever want to check the type of encryption your users are using before allowing them into your most secure content?  Here's your solution.

  when HTTP_REQUEST {
    log local0. "[IP::remote_addr]: SSL cipher strength is [SSL::cipher bits]"
    if { [SSL::cipher bits] < 128 }{
      pool weak_encryption_pool
    } else {
      pool strong_encryption_pool
    }
  }

Clone Pool Based On URI

Need to clone some of your traffic to a second pool, based on the incoming URI? Here you go...

when HTTP_REQUEST {
  if { [HTTP::uri] starts_with "/clone_me" } {
    pool real_pool
    clone pool clone_pool
  } else {
    pool real_pool
  }
}

Cache No POST

Have you been looking for a way to avoid sending those POST responses to your RAMCache module? You're welcome.

when HTTP_REQUEST {
  if { [HTTP::method] equals "POST" } {
    CACHE::disable
  } else {
    CACHE::enable
  }
}

Access Control Based on IP

Here's a great example of blocking unwelcome IP addresses from accessing your network and only allowing those Client-IPs that you have deemed trusted.

when CLIENT_ACCEPTED  {
  if { [matchclass [IP::client_addr] equals $::trustedAddresses] }{
    #Uncomment the line below to turn on logging.
    #log local0.  "Valid client IP: [IP::client_addr] - forwarding traffic"
    forward
  } else {
    #Uncomment the line below to turn on logging.
    #log local0. "Invalid client IP: [IP::client_addr] - discarding"
    discard
  }
}

Content Type Tracking

If you're looking to keep track of the different types of content you're serving, this iRule can help in a big way.

# First, create statistics profile named "ContentType" with following entries:
#   HTML
#   Images
#   Scripts
#   Documents
#   Stylesheets
#   Other
# Now associate this Statistics Profile to the virtual server.  Then apply the following iRule.
# To view the results, go to Statistics -> Profiles - Statistics

when HTTP_RESPONSE {
   switch -glob [HTTP::header "Content-type"] {
      image/*         { STATS::incr "ContentType" "Images" }
      text/html       { STATS::incr "ContentType" "HTML" }
      text/css        { STATS::incr "ContentType" "Stylesheets" }
      *javascript     { STATS::incr "ContentType" "Scripts" }
      text/vbscript   { STATS::incr "ContentType" "Scripts" }
      application/pdf { STATS::incr "ContentType" "Documents" }
      application/msword { STATS::incr "ContentType" "Documents" }
      application/*powerpoint { STATS::incr "ContentType" "Documents" }
      application/*excel { STATS::incr "ContentType" "Documents" }
      default         { STATS::incr "ContentType" "Other" }
   }
}

There you have it, the first edition of "20 Lines or Less"! I hope you enjoyed it...I sure did. If you've got feedback or examples to be featured in future editions, let me know.

#Colin

Published Apr 09, 2008
Version 1.0