cancel
Showing results for 
Search instead for 
Did you mean: 

Catch an error in iRule execution

Akshay_SK
Nimbostratus
Nimbostratus

I would like some help in handling errors in an iRule. Below is the code snippet upto which I have been able to achieve, but haven't been able to get the desired results.

 

when HTTP_REQUEST {    #If XFF exists then change Source IP to the first IP that you find in XFF which is the origin. Check this at the very start.    if { [HTTP::header values "X-Forwarded-For"] ne "" } {        set remoteip [getfield [HTTP::header X-Forwarded-For] "," 1]    }    if { [catch {            if { [class match $remoteip equals MY_BLACKLIST_IPS] && not [class match $remoteip equals MY_PROXY_IPS] } {                # reject the request here.             log local0. "Request is rejected here."             reject             return            }        } err] } {        log local0. "Error found in the iRule process ${err}"    }       return }

 

I want to log the error as well due to which the iRule encountered. The error currently is being logged as empty.

1 REPLY 1

Philippe_CLOUP
F5 Employee
F5 Employee

Hi Akshay,

i would have created the iRule differently, as more or less, is the remoteip is not found (meaning that there is no X-Forwarded-For in your headers), you can avoid doing the "catch" and this part of the code.

Anyhow, the way i modified your code a bit is as follow:

when HTTP_REQUEST { #If XFF exists then change Source IP to the first IP that you find in XFF which is the origin. Check this at the very start. if { [HTTP::header values "X-Forwarded-For"] ne "" } { set remoteip [getfield [HTTP::header X-Forwarded-For] "," 1] } catch { if { [class match $remoteip equals MY_BLACKLIST_IPS] && not [class match $remoteip equals MY_PROXY_IPS] } { # reject the request here. log local0. "Request is rejected here." reject return } } my_error if { $my_error ne ""} then { log local0. "Error found in the iRule process ${my_error}" } }

the following test provides the following logs:

curl http://MY_VS_IP:80   ltm log : Rule /Common/myirule <HTTP_REQUEST>: Error found in the iRule process can't read "remoteip": no such variable  ' -----------   curl -H "X-Forwarded-For: 2.3.4.5" http://MY_VS_IP:80   nothing in the ltm log (as expected)