Forum Discussion

greenasp_41938's avatar
greenasp_41938
Icon for Nimbostratus rankNimbostratus
Jun 20, 2013

bypass a splash page for certain IP addresses

I would like to change the iRule below to replace the "when HTTP_request" with the "when CLIENT_ACCEPTED" section of the irule. However, I get an error when i do. I am trying to allow certain IP address to bypass the splash rule.

 

 

 

Sets the highest priority even if other iRules are applied

 

priority 100

 

when CLIENT_ACCEPTED {

 

if {![IP::addr [IP::client_addr] equals 192.0.0.0/8]}{

 

pool splash_page_pool

 

event disable all

 

} else {

 

 

+

 

 

when HTTP_REQUEST {

 

if { [HTTP::uri] ends_with "logo.png" } {

 

HTTP::respond 200 content [b64decode [class element -value 0 image_class]] "Content-Type" "image/png"

 

} else { if { [HTTP::uri] ends_with "image1.jpg" } {

 

HTTP::respond 200 content [b64decode [class element -value 0 image_class ]] "Content-Type" "image/jpg"

 

} else {

 

 

HTTP::respond 200 content "

 

Etc.......

 

4 Replies

  • shouldn't priority be on the same line as "when"?

    e.g.

    when CLIENT_ACCEPTED priority 100 {
    
  • Should it look something more like this?

     

     

    when CLIENT_ACCEPTED priority 100 {

     

    if {![IP::addr [IP::client_addr] equals 192.0.0.0/8]}{

     

    pool splash_page_pool

     

    event disable all

     

    } else {

     

    if { [HTTP::uri] ends_with "logo.png" } {

     

    HTTP::respond 200 content [b64decode [class element -value 0 image_class]] "Content-Type" "image/png"

     

    } else { if { [HTTP::uri] ends_with "image1.jpg" } {

     

    HTTP::respond 200 content [b64decode [class element -value 0 image_class ]] "Content-Type" "image/jpg"

     

    } else {

     

     

     

    HTTP::respond 200 content "

     

  • I get the following error when I go to publish the iRule.

     

     

    01070151:3: Rule [offline_splash] error: line 7: [command is not valid in current event context (CLIENT_ACCEPTED)] [HTTP::uri] line 8: [command is not valid in current event context (CLIENT_ACCEPTED)] [HTTP::respond 200 content [b64decode [class element -value 0 image_class]] "Content-Type" "image/png" ]
  • i see. you cannot use HTTP:: in CLIENT_ACCEPTED event. so, you have to collect and parse tcp payload yourself.

    e.g.

    [root@ve10:Active] config  b virtual bar list
    virtual bar {
       snat automap
       destination 172.28.19.252:80
       ip protocol 6
       rules myrule
    }
    [root@ve10:Active] config  b rule myrule list
    rule myrule {
       when CLIENT_ACCEPTED priority 100 {
      if { ![IP::addr [IP::client_addr] equals 192.0.0.0/8] } {
        pool foo
        event disable all
      } else {
        TCP::collect
      }
    }
    when CLIENT_DATA {
      if { [scan [TCP::payload] {GET %s HTTP/1.[01]} obj] == 1 } {
        switch -glob $obj {
          "/*.gif" {
            set resp "HTTP/1.0 200 OK\r\nContent-Type: image/gif\r\n\r\n[b64decode [class match -value $obj equals images_class]]"
            set resp_bin [binary format a* $resp]
            TCP::respond $resp_bin
          }
          default {
            TCP::respond "HTTP/1.0 200 OK"
          }
        }
        TCP::close
      }
    }
    }