Technical Articles
F5 SMEs share good practice.
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner
Community Manager
Community Manager

What could you do with your code in 20 Lines or Less?

That's the question we like to ask from, for, and of (feel free to insert your favorite preposition here) the DevCentral community, and every time we do, we go looking to find cool new examples that show just how flexible and powerful iRules can be without getting in over your head. Thus was born the 20LoL (20 Lines or Less) series many moons ago. Over the years we've highlighted hundreds of iRules examples, all of which do downright cool things in less than 21 lines of code.

Poodle Mitigation but Can't Disable SSLv3

Community member Christopher faced a situation where he could not disable SSLv3 for a clients in a certain IP range. I suggested a direction but his final solution was even more simple than the path I was encouraging him down. Nice job!


  if { [class match [IP::client_addr] equals "sslv3_allowed"] } {
    SSL::profile sslv3_enabled
  } else {
      SSL::profile sslv3_disabled

Rewrite a Part of the Query String

Nitass takes advantage of the new write capability (as of version 11.5) in the HTTP::query command to help member jmartineau9 rewrite the query with an alternative query key. String map to the rescue!


  set qry [HTTP::query]
  set id [URI::query "?$qry" "id"]
  if { $id ne "" } {
    HTTP::query [string map [list id=$id entityid=$id] $qry]

HSRP and VRRP Optimization

This rule has been around for a while in the codeshare, but I ran across it looking for something else and thought it warranted inclusion. Originally crafted by Michael Earnhart, I updated it for v10+ systems. Basically, it takes the virtual mac for a router pair from a data-group defined by an admin and sets the lasthop to that instead of the hardware mac the traffic originated from, alleviating black holed traffic during gateway failover events.


  set entry [class lookup [format %s [LINK::lasthop]] RouterA]
  if { $entry ne "" } {
    lasthop [lindex $entry 1] [lindex $entry 0]


And that's a wrap! Super powered functionality featured in less than 60 lines of code.

Version history
Last update:
‎18-Nov-2014 06:00
Updated by: