I found this code from Code Share. rule c_cert_session { when RULE_INIT { set ::key [AES::key 128] log local0. "the key is: $::key" } when CLIENTSSL_CLIENTCERT { session add ssl [SSL::sessionid] [X509::verify_cert_error...
This isn't exactly a v9 iRules question, but I'm not aware of a v9 system configuration forum in general... we've got two BIGIP 3400 units running in an active/standby configuration. Both units are connected and Config Sync'ed. We entered al...
We set up a rule today to forward traffic sent to a secure site to a down page for maintenance. The rule was simply: redirect to "http://www.domain.com/path/to/down/page" When I apply that rule to a http service, things work okay, bu...
Hi there, I'm experiencing some odd behaviour when I attempt to develop an iRule that contains both a uri match and remote ip address check. The irule is below. The odd behaviour appears as a "Document Contains No Data" popup message...
Does the API have the ability to kill a user session(s) for an account which is activated via a browser? Let's say you have an IDS/IPS looking at the wire could it make a call to FirePass to kill a particular user session assuming it knew the ...
I am in the process of designing a front-end application that will utilize the iControl SOAP interface to achieve it's goal (creating some Rules on the fly). I assume that I'll be creating a user specifically to be this applications interfa...
F5 DevCentral, Hi, our understanding is that when doing a Profile that utilizes Compression that BIGIP will prefer the Deflate vs. GZIP method. We would like to have a rule that utilizes GZIP by default. The current rule we are using...
my website use bigip3400. and now a problem occured.someone from one session accessed our website, but about 3 http gets in 1 second. how can I limit it?
Mar 24 10:35:00 tmm tmm[702]: 01220001:3: TCL error: Rule http2https_redirect - Operation not supported. Multiple redirect/respond invocations no t allowed (line 1) invoked from within "redirect to "https://[HTTP::host][HTTP::uri]"" ru...
Is there a way for me to determine whether a virtual server in a WideIP pool is pointing to a BIG-IP device without actually having to connect to the virtual server address?
When a rule to a Load balanceing site it look like it is only being run the first time the user connects to the site, not at each HTTP request like we need it to. We have 6 rules chain together that need to be processed at each http request. Below ar...
Please teach the definition method when the IPv6 address is used. I did not do the operation for which I had hoped though I tried various rule. I want to make the rule that limits only the access from 3ffe:1234:1234:5678::/64 prefix....
We just installed our new 6400 with ver 9.0.4 when writeing our rules we user to doc LTM guide for GTM and it show doing HTTP redirects like so when HTTP_REQUEST { if { [[HTTP::uri] matches_regex "secure"] } { [HTTP::redirect "htt...
I have two sites that use BigIP, with 3DNS doing the global load balancing. We have no global persistence due to the ldns design of our clients, so request are round-robin currently. The application that we are delivering does a refresh every 60 se...
I'm having another issue with data-types using Apache SOAP. The web service method that is failing is "get_pool_list". It's throwing an exception stating the following: java.lang.IllegalArgumentException: Unable to set 'number_virtual_servers'...
I'm in process of converting our v4.5.10 rules to v9 syntax. Our original scripts had workarounds to get around the 63/64 character limit on URIs. I believe that was in strict compliance with RFC or some standards. Anways an example of our workaro...
I have a .NET application that is adding/removing virtual servers, pools, and profiles from a BigIP 9.x load balancer. If I create a new virtual server using LocalLB.VirtualServer.create() or through the GUI using an IP address I haven't used...
Is there a specific example of how to employ the "wlnode" function to allow for Weblogic persistence? I am working to configure persistence via the JSESSIONID when cookie persistence is not available. I have built a rule that parses out the...
We need to turn off compression based on a single client IP. What we find is that we get a 404 when the client hits the VIP when that rule is applied. In the tcpdump we see a reset being sent back to the client. irule when HTTP_REQUES...
There are a number of performance graphs generated for the F5 "overview >> Performance" page which display historical performance data. Is there a method allowing retrieval of historical performance data via iControl?
F5 Firepass API. A problem appears when synchronizing with active directory data base. The OpenByName does not complete when active directory is enabled. However, the OpenByName is working when using internal data base. I know this is very vag...
I'm tossing this out here as a last ditch attempt -- We'd love to be able to filter real media files that are requested through an F5 using rules, but can't figure out a way to do it. The more granular http rules don't work because this...
I've got a simle iRule below based on the example in the Writing iRules section of the LTM guide. In a nutshell, I am attempting to direct requests to specific urls based on the client's ip address. I've copied the matchclass syntax directl...
I have a requirement to demonstrate using LTM to split SQL Read operations and write operations to two separate pools of SQL database servers. Has anyone tried to do this or could the recommend a starting point? Thanks, Keith
Has anyone tried to use F5 (v9) as an FTP reverse proxy? We use F5 as a reverse-proxy for HTTP and would like to cover FTP traffic as well (validating the L5-L7 traffic to confirm that it is really FTP). Have there been any FTP-specific iRu...
I have a need to rewrite a uri, and make this look transparent to the end user. What I have come up with is this: when HTTP_REQUEST { set loop 0 set max [llength $::shorturi] while {$loop < $max}{ set tmpstr [lindex ...
I'm having trouble getting an iRule to work with matchclass. This is the rule I'm trying to use: when HTTP_REQUEST { if { [matchclass [HTTP::host] equals $::CorpWebHostNames] } { use pool CorpWeb } else { ...
We want to use an adaptive type load balancing method. Can we use LocalLB.PoolMember.set_ratio to dynamically affect the Ratio load balancing method? Or do we use the Dynamic Ratio load balancing method and use LocalLB.PoolMember.set_dynamic_ra...
I can get this to display anything after building pool.exe and running. It is listed in the locallbpoolmembers.cs file. Is there a special parameter I have to run to get this statistic? Thanks Jason
Hi, I build an iRule that chooses a node, based on a server-id cookie. In the rule I check whether the cookie is present, if not, the rule defaults to the configured pool. If the cookie is present, it uses findclass to select a node. It all w...
| User | Count |
|---|---|
| 14 | |
| 12 | |
| 7 | |
| 5 | |
| 4 |
