cancel
Showing results for 
Search instead for 
Did you mean: 

bypass a splash page for certain IP addresses

greenasp_41938
Nimbostratus
Nimbostratus

I would like to change the iRule below to replace the "when HTTP_request" with the "when CLIENT_ACCEPTED" section of the irule. However, I get an error when i do. I am trying to allow certain IP address to bypass the splash rule.

 

 

 

Sets the highest priority even if other iRules are applied

 

priority 100

 

when CLIENT_ACCEPTED {

 

if {![IP::addr [IP::client_addr] equals 192.0.0.0/8]}{

 

pool splash_page_pool

 

event disable all

 

} else {

 

 

+

 

 

when HTTP_REQUEST {

 

if { [HTTP::uri] ends_with "logo.png" } {

 

HTTP::respond 200 content [b64decode [class element -value 0 image_class]] "Content-Type" "image/png"

 

} else { if { [HTTP::uri] ends_with "image1.jpg" } {

 

HTTP::respond 200 content [b64decode [class element -value 0 image_class ]] "Content-Type" "image/jpg"

 

} else {

 

 

HTTP::respond 200 content "

 

Etc.......

 

4 REPLIES 4

nitass
F5 Employee
F5 Employee
shouldn't priority be on the same line as "when"?

 

 

e.g.

 

when CLIENT_ACCEPTED priority 100 {

greenasp_41938
Nimbostratus
Nimbostratus
Should it look something more like this?

 

 

when CLIENT_ACCEPTED priority 100 {

 

if {![IP::addr [IP::client_addr] equals 192.0.0.0/8]}{

 

pool splash_page_pool

 

event disable all

 

} else {

 

if { [HTTP::uri] ends_with "logo.png" } {

 

HTTP::respond 200 content [b64decode [class element -value 0 image_class]] "Content-Type" "image/png"

 

} else { if { [HTTP::uri] ends_with "image1.jpg" } {

 

HTTP::respond 200 content [b64decode [class element -value 0 image_class ]] "Content-Type" "image/jpg"

 

} else {

 

 

 

HTTP::respond 200 content "

 

greenasp_41938
Nimbostratus
Nimbostratus
I get the following error when I go to publish the iRule.

 

 

01070151:3: Rule [offline_splash] error: line 7: [command is not valid in current event context (CLIENT_ACCEPTED)] [HTTP::uri] line 8: [command is not valid in current event context (CLIENT_ACCEPTED)] [HTTP::respond 200 content [b64decode [class element -value 0 image_class]] "Content-Type" "image/png" ]

nitass
F5 Employee
F5 Employee
i see. you cannot use HTTP:: in CLIENT_ACCEPTED event. so, you have to collect and parse tcp payload yourself.

 

 

e.g.

 

[root@ve10:Active] config b virtual bar list virtual bar { snat automap destination 172.28.19.252:80 ip protocol 6 rules myrule } [root@ve10:Active] config b rule myrule list rule myrule { when CLIENT_ACCEPTED priority 100 { if { ![IP::addr [IP::client_addr] equals 192.0.0.0/8] } { pool foo event disable all } else { TCP::collect } } when CLIENT_DATA { if { [scan [TCP::payload] {GET %s HTTP/1.[01]} obj] == 1 } { switch -glob $obj { "/*.gif" { set resp "HTTP/1.0 200 OK\r\nContent-Type: image/gif\r\n\r\n[b64decode [class match -value $obj equals images_class]]" set resp_bin [binary format a* $resp] TCP::respond $resp_bin } default { TCP::respond "HTTP/1.0 200 OK" } } TCP::close } } }