Access Packet Filter through an iRule

At present, this is not supported. What sort of packet filter do you have in mind? With the reject and drop commands combined with matchclass, you can do a good bit of packet filtering within iRules.

I have an external process that monitors the BIG-IP VIP using ICMP... If all nodes are "down", I need BIG-IP to stop responding to the Ping. The external process is not advanced enough to monitor a port.

 

 

The only way I can think to do this is with a Packet Filter.I hoped to detect node status with an iRule and toggle the Packet Filter.

I need BigIP not to respond to ICMP Ping requests if there are no healthy nodes in the pool for a specific VIP/Virtual Service.

 

 

I don't share IP address across Vertual Service.

 

 

Thus if failure to respond to a ping request would indicate that a service is not available at that IP address.

That's a tough one. The ability to respond to a ping is fundamental to a virtual server. The only way I can think to do this is to implement an EAV that actually deletes the virtual when the service checks fail. This would be a lot easier with anything besides an ICMP echo request. Good luck!

Thanks for the response... I'm not certain it is a good idea to delete and add Virtuals on the fly like that. We'll look for some other alternative.