cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.
hooleylist
Cirrostratus
Cirrostratus

Problem this snippet solves:

This simple iRule shows how you can create a CMP-compatible counter. The first portion of the iRule demonstrates creating and incrementing a global counter which is accessible across all virtual servers and all TCP connections. The second portion of the iRule shows a method for creating a VIP-specific global counter. There is no enforcement of access to the VIP-specific global counter but it should prevent accidental trampling of session table entry names. For details on CMP compatibility you can check these resources: https://devcentral.f5.com/wiki/iRules.CMPCompatibility.ashx https://support.f5.com/kb/en-us/solutions/public/7000/700/sol7751.html

Code :

when CLIENT_ACCEPTED {
   set log_prefix "[virtual name] [IP::client_addr]:[TCP::client_port]"
}
when HTTP_REQUEST {

   #######################################################################
   #
   # Global (accessible across all VIPs) counter variable example 
   #   using the session table
   #

   # Look up the counter value. Will return a null string if it doesn't exist
   set value [session lookup uie "my_counter"]
   log local0. "$log_prefix: Global lookup value: $value"

   # Check if the value is null
   if {$value eq ""}{

      # Add a new session table entry with a value of 0
      session add uie "my_counter" 0

   } else {

      # Increment the current value by 1
      session add uie "my_counter" [expr {$value + 1}]
   }
   # Log the updated value
   log local0. "$log_prefix: Global lookup value: [session lookup uie "my_counter"]"

   #######################################################################
   #
   # Local (accessible to only this VIP) counter variable example 
   #   using the session table
   #

   # Save the virtual server name to use as a session table entry prefix
   #  This keeps the variables specific to the virtual server.
   set vip [virtual name]

   # Look up the counter value. Will return a null string if it doesn't exist
   set value [session lookup uie "${vip}_my_counter"]
   log local0. "$log_prefix: Per-vip lookup value: $value"

   # Check if the value is null
   if {$value eq ""}{

      # Add a new session table entry with a value of 0
      session add uie "${vip}_my_counter" 0

   } else {

      # Increment the current value by 1
      session add uie "${vip}_my_counter" [expr {$value + 1}]
   }
   # Log the updated value
   log local0. "$log_prefix: Per-vip lookup value: [session lookup uie "${vip}_my_counter"]"
}

Tested this on version:

10.0
Comments
JRahm
Community Manager
Community Manager
contributed by hoolio
Version history
Last update:
‎30-Jan-2015 04:24
Updated by:
Contributors