cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.
Erik_Giesa_26
Historic F5 Account

Problem this snippet solves:

Make a Traffic Management and LB decision based on info in the VIA header. Very useful for granular control and even for security purposes. Done by one of F5's SA gurus.

Code :

rule sip_rule {
   when SIP_REQUEST {
    # The below iRule looks at the IP value in the VIA header and makes a Load Balanceing Route based on the VIA header
# This allow the LTM to use the information insde the VIA headers. Also allow the box to do have a persistence entry to mirror
# as all information need to route the packet is keep inside the packet.
        #log local0. [SIP::header Via]
        regexp {\d*\.\d*\.\d*\.\d*} [SIP::header Via] temp
        if {not([matchclass [IP::remote_addr] eq $::sip_srv])}
                        {log local0. "Remote address [IP::remote_addr]"
                                log local0. "Via Header [SIP::header Via]"
                             log local0. "Via address == $temp"
                                if {[matchclass $temp eq $::sip_test]}
                        {
        # If the VIA header point to a SIP server th LTM will route it to the location
                                log local0. "Selecting Node $temp"
                                node $temp 5060
                        }
                }
        #regexp {([0-9])+} $temp test
        #node $test 5060
        #regexp {\:\S+} [SIP::header Via] temp
        #SIP::header insert Via "SIP/2.0/UDP [IP::local_addr]$temp"
        #log local0. $temp
        #log local0. $test
}
when SIP_RESPONSE {
        regexp {\d*\.\d*\.\d*\.\d*} [SIP::header Via] temp
        if {not([matchclass [IP::remote_addr] eq $::sip_srv])}
                        {log local0. "Remote address [IP::remote_addr]"
                                log local0. "Via Header [SIP::header Via]"
                             log local0. "Via address == $temp"
                                if {[matchclass $temp eq $::sip_test]}
                        {
                                log local0. "Selecting Node $temp"
                                node $temp 5060
                        }
                }
        
}
Version history
Last update:
‎18-Mar-2015 15:32
Updated by:
Contributors