Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

Problem this snippet solves:

this script helps for massive iRule deployment which use HTTP event on Virtual Server with HTTP Profile. Static value has to be changed in the script to adapt to your needs. As example it's as been used for ShellShock iRule deployment on 300 HTTP Virtual Servers for quick protection.

Code :

# This python script is used to deploy an iRule for ALL HTTP VS
import bigsuds
import sys
# set your hostname, login and ip here
b = bigsuds.BIGIP(
hostname = 'ip',
username = 'admin',
password = 'admin',
except Exception, e:
print e
#Change system partition
# Retrieve list of VS, of rules and of profiles
virtualservers = b.LocalLB.VirtualServer.get_list()
rules = b.LocalLB.VirtualServer.get_rule(virtualservers)
profiles = b.LocalLB.VirtualServer.get_profile(virtualservers)
irules_list = b.LocalLB.Rule.get_list()

#set your iRule name already created in your BigIp
new_rule = '/mypartition/myiRulename'

vs_to_update = []
rule_to_add = []
found_rule = False
# check if iRule is present
for irule in irules_list:
if irule == new_rule:
found_rule = True
if found_rule:
print "Found iRule with name: %s" % new_rule
print "iRule not Found"
#Print virtual Server and rule assigned
count = 0
for vs in virtualservers:
print "\n\nVS: %s" % vs
for rule in rules[count]:
print "\tRules %i: %s" % (count, rule)
count += 1
# Create a list of VS (vs_to_update) for vs which have an HTTP profile and where the irule is not yet present.
count = 0
for vs in virtualservers:
asHttp_Profile = False
as_already_rule = False
check_priority = []
for profile in profiles[count]:
if profile["profile_type"] == "PROFILE_TYPE_HTTP":
asHttp_Profile = True
for rule in rules[count]:
if rule["rule_name"] == new_rule:
as_already_rule = True
if asHttp_Profile and not as_already_rule:
if check_priority:
rule_to_add.append({'rule_name': new_rule, 'priority': (max(check_priority) + 1)})
rule_to_add.append({'rule_name': new_rule, 'priority': 0})
count += 1
# Add iRule to elected VS (vs_to_update)
count = 0
for vs in vs_to_update:
print "\n\nVS to change: %s" % vs
print "\tRule to add: %s" % rule_to_add[count]
b.LocalLB.VirtualServer.add_rule([vs], [[rule_to_add[count]]])
except Exception, e:
print e
count +=1
How to add irule using payload into virtual server while VIP creating ? like ip protocol payload['ipProtocol'] = 'tcp' tried below statement but not working payload['rules'] = 'my_Rule'
Version history
Last update:
‎09-Mar-2015 13:34
Updated by: