Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

Forum Posts

session {add|delete} ssl question

I found this code from Code Share.     rule c_cert_session { when RULE_INIT { set ::key [AES::key 128] log local0. "the key is: $::key" } when CLIENTSSL_CLIENTCERT { session add ssl [SSL::sessionid] [X509::verify_cert_error...

V9 configuration related question

This isn't exactly a v9 iRules question, but I'm not aware of a v9 system configuration forum in general...     we've got two BIGIP 3400 units running in an active/standby configuration. Both units are connected and Config Sync'ed. We entered al...

Simple https to http redirect

We set up a rule today to forward traffic sent to a secure site to a down page for maintenance.   The rule was simply:     redirect to "http://www.domain.com/path/to/down/page"     When I apply that rule to a http service, things work okay, bu...

matchclass + IP::remote_addr ?

Hi there, I'm experiencing some odd behaviour when I attempt to develop an iRule that contains both a uri match and remote ip address check. The irule is below. The odd behaviour appears as a "Document Contains No Data" popup message...

Kill Session Question

Does the API have the ability to kill a user session(s) for an account which is activated via a browser?     Let's say you have an IDS/IPS looking at the wire could it make a call to FirePass to kill a particular user session assuming it knew the ...

Can I create my own Roles?

  I am in the process of designing a front-end application that will utilize the iControl SOAP interface to achieve it's goal (creating some Rules on the fly).     I assume that I'll be creating a user specifically to be this applications interfa...

Compression iRules - GZIP vs. Deflate Preference

F5 DevCentral,     Hi, our understanding is that when doing a Profile that utilizes Compression that BIGIP will prefer the Deflate vs. GZIP method. We would like to have a rule that utilizes GZIP by default.     The current rule we are using...

limit frequent http GET

my website use bigip3400. and now a problem occured.someone from one session accessed our website, but about 3 http gets in 1 second. how can I limit it?

Determining Virtual Server Type

Is there a way for me to determine whether a virtual server in a WideIP pool is pointing to a BIG-IP device without actually having to connect to the virtual server address?

Rule Processing Problem

When a rule to a Load balanceing site it look like it is only being run the first time the user connects to the site, not at each HTTP request like we need it to. We have 6 rules chain together that need to be processed at each http request. Below ar...

IPv6 address prefix difinition

Please teach the definition method when the IPv6 address is used. I did not do the operation for which I had hoped though I tried various rule. I want to make the rule that limits only the access from 3ffe:1234:1234:5678::/64 prefix....

HTTP Redirect Question

We just installed our new 6400 with ver 9.0.4 when writeing our rules we user to doc LTM guide for GTM and it show doing HTTP redirects like so when HTTP_REQUEST { if { [[HTTP::uri] matches_regex "secure"] } { [HTTP::redirect "htt...

SSL, Cookie persistence, and Redirection

I have two sites that use BigIP, with 3DNS doing the global load balancing. We have no global persistence due to the ldns design of our clients, so request are round-robin currently. The application that we are delivering does a refresh every 60 se...

JRahm by Community Manager
  • 319 Views
  • 3 replies
  • 0 kudos

Data-type mapping issue with Apache SOAP

I'm having another issue with data-types using Apache SOAP. The web service method that is failing is "get_pool_list". It's throwing an exception stating the following:     java.lang.IllegalArgumentException: Unable to set 'number_virtual_servers'...

Url character length limitation?

I'm in process of converting our v4.5.10 rules to v9 syntax. Our original scripts had workarounds to get around the 63/64 character limit on URIs. I believe that was in strict compliance with RFC or some standards. Anways an example of our workaro...

wlnode function

Is there a specific example of how to employ the "wlnode" function to allow for Weblogic persistence?     I am working to configure persistence via the JSESSIONID when cookie persistence is not available. I have built a rule that parses out the...

Turning off compression based on client IP

We need to turn off compression based on a single client IP. What we find is that we get a 404 when the client hits the VIP when that rule is applied. In the tcpdump we see a reset being sent back to the client.     irule     when HTTP_REQUES...

Pulling historical statistics via iControl

There are a number of performance graphs generated for the F5 "overview >> Performance" page which display historical performance data.     Is there a method allowing retrieval of historical performance data via iControl?  

Firepass API & active directory

F5 Firepass API. A problem appears when synchronizing with active directory data base. The OpenByName does not complete when active directory is enabled. However, the OpenByName is working when using internal data base.     I know this is very vag...

psilvas by Altostratus
  • 328 Views
  • 6 replies
  • 0 kudos

Applying rules to Real Media Streams

I'm tossing this out here as a last ditch attempt --     We'd love to be able to filter real media files that are requested through an F5 using rules, but can't figure out a way to do it.     The more granular http rules don't work because this...

matchclass and syntax errors

I've got a simle iRule below based on the example in the Writing iRules section of the LTM guide. In a nutshell, I am attempting to direct requests to specific urls based on the client's ip address. I've copied the matchclass syntax directl...

iRule for splitting SQL Write and Read

I have a requirement to demonstrate using LTM to split SQL Read operations and write operations to two separate pools of SQL database servers. Has anyone tried to do this or could the recommend a starting point?     Thanks, Keith

FTP reverse-proxy

Has anyone tried to use F5 (v9) as an FTP reverse proxy?   We use F5 as a reverse-proxy for HTTP and would like to cover FTP traffic as well (validating the L5-L7 traffic to confirm that it is really FTP).     Have there been any FTP-specific iRu...

Rewrite a uri (not redirect)

I have a need to rewrite a uri, and make this look transparent to the end user. What I have come up with is this: when HTTP_REQUEST { set loop 0 set max [llength $::shorturi] while {$loop < $max}{ set tmpstr [lindex ...

iRules matchclass

I'm having trouble getting an iRule to work with matchclass. This is the rule I'm trying to use: when HTTP_REQUEST { if { [matchclass [HTTP::host] equals $::CorpWebHostNames] } { use pool CorpWeb } else { ...

Setting pool member ratio

We want to use an adaptive type load balancing method.   Can we use LocalLB.PoolMember.set_ratio to dynamically affect the Ratio load balancing method?   Or do we use the Dynamic Ratio load balancing method and use LocalLB.PoolMember.set_dynamic_ra...

STATISTIC_HTTP_GET_REQUEST

I can get this to display anything after building pool.exe and running. It is listed in the locallbpoolmembers.cs file. Is there a special parameter I have to run to get this statistic?     Thanks   Jason

iRule not using default pool

Hi, I build an iRule that chooses a node, based on a server-id cookie. In the rule I check whether the cookie is present, if not, the rule defaults to the configured pool. If the cookie is present, it uses findclass to select a node. It all w...