CodeShare
Have some code. Share some code.
cancel
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner
Stanislas_Piro2
Cumulonimbus
Cumulonimbus

Problem this snippet solves:

When creating monitor, we usually check web site availability with curl.

These commands allow to check if HTTP Monitor send string is correct

How to use this snippet:

from F5 cli (not tmsh) run following commands

Monitor HTTP:

SEND_STRING='Monitor String'
(echo -ne $SEND_STRING; cat) | nc 'Pool Member IP' 'Pool member port'

Monitor HTTPS:

SEND_STRING='Monitor String'
(echo -ne $SEND_STRING; cat) | openssl s_client -host 'Pool Member IP' -port 'Pool member port' -quiet

example:

SEND_STRING='GET / HTTP/1.1\r\nHost: www.company.com\r\nConnection: Close\r\n\r\n'
(echo -ne $SEND_STRING; cat) | nc 1.2.3.4 80

SEND_STRING='GET / HTTP/1.1\r\nHost: www.company.com\r\nConnection: Close\r\n\r\n'
(echo -ne $SEND_STRING; cat) | openssl s_client -host 1.2.3.4 -port 443 -quiet

Code :

No file

Tested this on version:

11.6
Comments
Amresh008
Nimbostratus
Nimbostratus

I tried running this on 12.1.1, but it did not do anything. Please suggest.

 

Stanislas_Piro2
Cumulonimbus
Cumulonimbus

Can you provide the command you tried?

 

Amresh008
Nimbostratus
Nimbostratus

(echo -ne "monitor string"; cat) | nc a.b.c.d xyz

 

a.b.c.d being the ip address of the pool member xyz being the pool member port

 

Stanislas_Piro2
Cumulonimbus
Cumulonimbus

I asked to check your monitor string 😉

 

Ajit
Altostratus
Altostratus

Hello Stanislas,

I tried the below command but it just shows me SSL errors. Can you assist?


(echo -ne "GET / HTTP/1.1\\r\\nHost: abc.com\\r\\nConnection: Close\\r\\n"; cat) | openssl s_client -connect 1.1.1.1:443 -quiet

47753692343424:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1293:SSL alert number 40 47753692343424:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:184:

It shows me the above errors after being connected.

Note: I do not have a DNS entry for abc.com in place

Regards,

Ajit

Stanislas_Piro2
Cumulonimbus
Cumulonimbus

Why did you add 2 \ in send string ? did you get it from tmsh which add a second \ in config file?

try this:

(echo -ne "GET / HTTP/1.1\r\nHost: abc.com\r\nConnection: Close\r\n"; cat) | openssl s_client -connect 1.1.1.1:443 -quiet
Ajit
Altostratus
Altostratus

Same result. I have client MA enabled on 1.1.1.1. What should I do to get past that? Does that matter?

 

Regards,

 

Ajit

 

VRI_341747
Nimbostratus
Nimbostratus

How can I use this command with NTLM authentication? The monitor works in the gui when credentials are specified but I get access denied from CLI.

 

Thanks,

 

LM

 

Priyanga_Kalans
Nimbostratus
Nimbostratus

Thanks a lot mate! This was a great find!!!

 

Joey
Nimbostratus
Nimbostratus

Is there partition/route domain involved?

if so, simply add ‘rdexec zzz’ before openssl where zzz stands for route domain ID

 

Version history
Last update:
‎05-Jun-2023 22:40
Updated by: