cancel
Showing results for 
Search instead for 
Did you mean: 

Converting irule from v9 to v11

Daniel_55334
Altostratus
Altostratus

The original irule is as below.

 

 

 

class https_rp_list {

 

"services.domain.com/path/ services-rp.domain.com/path/ services-rp_pool"

 

"services.domain.com/path/Enquiry/ services-rp.domain.com/path/Enquiry/ services-rp_pool"

 

}

 

 

when HTTP_REQUEST {

 

set rp_list $::https_rp_list

 

set orig_host [string tolower [HTTP::host]]

 

set orig_uri [HTTP::uri]

 

if {[HTTP::header exist "Accept-Encoding" ]} {

 

HTTP::header remove "Accept-Encoding"

 

if {$::DEBUG} {

 

log local0.debug "Header \"Accept-Encoding\" removed"

 

}

 

}

 

 

set matched_len 0

 

set matched_entry ""

 

 

foreach entry [set rp_list] {

 

set proxy_host_col [getfield $entry " " 1]

 

if {"$orig_host$orig_uri" starts_with $proxy_host_col } {

 

set new_len [string length $proxy_host_col]

 

if {$new_len > $matched_len} {

 

set matched_entry $entry

 

set matched_len $new_len

 

}

 

}

 

}

 

 

if {$matched_entry ne ""} {

 

set proxy_host_col [getfield $matched_entry " " 1]

 

set rp_host_col [getfield $matched_entry " " 2]

 

set rp_pool [getfield $matched_entry " " 3]

 

set proxy_host [getfield $proxy_host_col "/" 1]

 

set proxy_host_path [substr $proxy_host_col [string length $proxy_host]]

 

set rp_host [getfield $rp_host_col "/" 1]

 

set rp_path [substr $rp_host_col [string length $rp_host]]

 

if {$::DEBUG} {

 

log local0.debug "Rewrite Host from \"$orig_host\" -\> \"$rp_host\""

 

log local0.debug "Rewrite uri from \"$orig_uri\" -\> \"$rp_path[substr $orig_uri [string length $proxy_host_path]]\""

 

}

 

HTTP::uri $rp_path[substr $orig_uri [string length $proxy_host_path]]

 

HTTP::header replace "Host" $rp_host

 

pool $rp_pool

 

}

 

}

 

 

I rewrite it for v11.2.0 as below.

 

 

ltm data-group internal /Common/https_rp_list {

 

records {

 

"services.domain.com/path/ services-rp.domain.com/path/ services-rp_pool" { }

 

"services.domain.com/path/Enquiry/ services-rp.domain.com/path/Enquiry/ services-rp_pool" { }

 

}

 

type string

 

}

 

 

 

when HTTP_REQUEST {

 

set orig_host [string tolower [HTTP::host]]

 

set orig_uri [HTTP::uri]

 

if {[HTTP::header exist "Accept-Encoding" ]} {

 

HTTP::header remove "Accept-Encoding"

 

if {$::DEBUG} {

 

log local0.debug "Header \"Accept-Encoding\" removed"

 

}

 

}

 

 

set matched_len 0

 

set matched_entry ""

 

foreach entry [class get https_rp_list] {

 

set proxy_host_col [getfield $entry " " 1]

 

log local0. "proxy_host_col is $proxy_host_col"

 

if {"$orig_host$orig_uri" starts_with $proxy_host_col } {

 

set new_len [string length $proxy_host_col]

 

if {$new_len > $matched_len} {

 

set matched_entry $entry

 

set matched_len $new_len

 

}

 

log local0. "matched entry is $matched_entry"

 

}

 

}

 

}

 

 

However I see in the logs

 

[root@bigip1:Active:Standalone] config tail -f /var/log/ltm

 

Oct 15 17:15:35 tmm info tmm[6973]: Rule /Common/https_vserver : proxy_host_col is {services.domain.com/path/

 

Oct 15 17:15:35 tmm info tmm[6973]: Rule /Common/https_vserver : proxy_host_col is {services.domain.com/path/Enquiry/

 

 

I have no idea of why there is "{" attached at the beginning of the data group entry, and thus cannot match with the host. Can someone put me in the right direction?

 

Thanks in advance.

 

 

 

 

6 REPLIES 6

What_Lies_Bene1
Cirrostratus
Cirrostratus

You seem to have some spaces in your URIs no?

 

 

"services.domain.com/path/ services-rp.domain.com/path/ HEREservices-rp_pool" { }

 

"services.domain.com/path/Enquiry/ services-rp.domain.com/path/Enquiry/ HEREservices-rp_pool" { }

 

If not, then these are key value pairs and the format is incorrect. See here: https://devcentral.f5.com/Tutorials/TechTips/tabid/63/articleType/ArticleView/articleId/1086510/v11-iRules-Data-Group-Updates.aspx

 

nitass
F5 Employee
F5 Employee

...

 

nitass
F5 Employee
F5 Employee
e.g.

 

 

root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list ltm virtual bar ltm virtual bar { destination 172.28.19.252:80 ip-protocol tcp mask 255.255.255.255 profiles { http { } tcp { } } rules { myrule } snat automap vlans-disabled } root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list ltm data-group internal https_rp_list ltm data-group internal https_rp_list { records { "services.domain.com/path/ services-rp.domain.com/path/ services-rp_pool" { } "services.domain.com/path/Enquiry/ services-rp.domain.com/path/Enquiry/ services-rp_pool" { } } type string } root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list ltm rule myrule ltm rule myrule { when HTTP_REQUEST { foreach elm [class get https_rp_list] { set hosturi [getfield [lindex $elm 0] " " 1] if { "[HTTP::host][HTTP::uri]" starts_with $hosturi } { set start [string first "/" $hosturi] set host [string range $hosturi 0 [expr {$start - 1}]] set uri [string range $hosturi $start end] set newhosturi [getfield [lindex $elm 0] " " 2] set start [string first "/" $newhosturi] set newhost [string range $newhosturi 0 [expr {$start - 1}]] set newuri [string range $newhosturi $start end] set newpool [getfield [lindex $elm 0] " " 3] log local0. "" log local0. "Org Host = [HTTP::host]" log local0. "Org URI = [HTTP::uri]" log local0. "New Host = $newhost" log local0. "New URI = $newuri" log local0. "HTTP::header replace Host $newhost" log local0. "HTTP::uri \[string map {$uri $newuri} [HTTP::uri]\]" log local0. "HTTP::uri [string map {$uri $newuri} [HTTP::uri]]" log local0. "pool $newpool" log local0. "" break } } } } [root@ve11a:Active:Changes Pending] config tail -f /var/log/ltm Oct 16 17:11:04 tmm info tmm[23647]: Rule /Common/myrule : Oct 16 17:11:04 tmm info tmm[23647]: Rule /Common/myrule : Org Host = services.domain.com Oct 16 17:11:04 tmm info tmm[23647]: Rule /Common/myrule : Org URI = /path/something Oct 16 17:11:04 tmm info tmm[23647]: Rule /Common/myrule : New Host = services-rp.domain.com Oct 16 17:11:04 tmm info tmm[23647]: Rule /Common/myrule : New URI = /path/ Oct 16 17:11:04 tmm info tmm[23647]: Rule /Common/myrule : HTTP::header replace Host services-rp.domain.com Oct 16 17:11:04 tmm info tmm[23647]: Rule /Common/myrule : HTTP::uri [string map {/path/ /path/} /path/something] Oct 16 17:11:04 tmm info tmm[23647]: Rule /Common/myrule : HTTP::uri /path/something Oct 16 17:11:04 tmm info tmm[23647]: Rule /Common/myrule : pool services-rp_pool Oct 16 17:11:04 tmm info tmm[23647]: Rule /Common/myrule : Oct 16 17:11:07 tmm info tmm[23647]: Rule /Common/myrule : Oct 16 17:11:07 tmm info tmm[23647]: Rule /Common/myrule : Org Host = services.domain.com Oct 16 17:11:07 tmm info tmm[23647]: Rule /Common/myrule : Org URI = /path/Enquiry/something Oct 16 17:11:07 tmm info tmm[23647]: Rule /Common/myrule : New Host = services-rp.domain.com Oct 16 17:11:07 tmm info tmm[23647]: Rule /Common/myrule : New URI = /path/Enquiry/ Oct 16 17:11:07 tmm info tmm[23647]: Rule /Common/myrule : HTTP::header replace Host services-rp.domain.com Oct 16 17:11:07 tmm info tmm[23647]: Rule /Common/myrule : HTTP::uri [string map {/path/Enquiry/ /path/Enquiry/} /path/Enquiry/something] Oct 16 17:11:07 tmm info tmm[23647]: Rule /Common/myrule : HTTP::uri /path/Enquiry/something Oct 16 17:11:07 tmm info tmm[23647]: Rule /Common/myrule : pool services-rp_pool Oct 16 17:11:07 tmm info tmm[23647]: Rule /Common/myrule :

nitass
F5 Employee
F5 Employee
anyway, if you can modify the data group format a little bit, i think it will make the irule simpler.

 

 

e.g.

 

 

[root@ve11a:Active:Changes Pending] config tmsh root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list ltm data-group internal https_rp_list ltm data-group internal https_rp_list { records { services.domain.com/path/ { data "services-rp.domain.com/path/ services-rp_pool" } services.domain.com/path/Enquiry/ { data "services-rp.domain.com/path/Enquiry/ services-rp_pool" } } type string } root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list ltm rule myrule ltm rule myrule { when HTTP_REQUEST { if { [class match -- "[HTTP::host][HTTP::uri]" starts_with https_rp_list] } { set hosturi [class match -name "[HTTP::host][HTTP::uri]" starts_with https_rp_list] set start [string first "/" $hosturi] set uri [string range $hosturi $start end] set matched [class match -value "[HTTP::host][HTTP::uri]" starts_with https_rp_list] set newhosturi [getfield $matched " " 1] set newpool [getfield $matched " " 2] set start [string first "/" $newhosturi] set newhost [string range $newhosturi 0 [expr {$start - 1}]] set newuri [string range $newhosturi $start end] log local0. "" log local0. "Org Host = [HTTP::host]" log local0. "Org URI = [HTTP::uri]" log local0. "New Host = $newhost" log local0. "New URI = $newuri" log local0. "HTTP::header replace Host $newhost" log local0. "HTTP::uri \[string map {$uri $newuri} [HTTP::uri]\]" log local0. "HTTP::uri [string map {$uri $newuri} [HTTP::uri]]" log local0. "pool $newpool" log local0. "" } } } [root@ve11a:Active:Changes Pending] config tail -f /var/log/ltm Oct 16 17:50:33 tmm info tmm[23647]: Rule /Common/myrule : Oct 16 17:50:33 tmm info tmm[23647]: Rule /Common/myrule : Org Host = services.domain.com Oct 16 17:50:33 tmm info tmm[23647]: Rule /Common/myrule : Org URI = /path/something Oct 16 17:50:33 tmm info tmm[23647]: Rule /Common/myrule : New Host = services-rp.domain.com Oct 16 17:50:33 tmm info tmm[23647]: Rule /Common/myrule : New URI = /path/ Oct 16 17:50:33 tmm info tmm[23647]: Rule /Common/myrule : HTTP::header replace Host services-rp.domain.com Oct 16 17:50:33 tmm info tmm[23647]: Rule /Common/myrule : HTTP::uri [string map {/path/ /path/} /path/something] Oct 16 17:50:33 tmm info tmm[23647]: Rule /Common/myrule : HTTP::uri /path/something Oct 16 17:50:33 tmm info tmm[23647]: Rule /Common/myrule : pool services-rp_pool Oct 16 17:50:33 tmm info tmm[23647]: Rule /Common/myrule : Oct 16 17:50:36 tmm info tmm[23647]: Rule /Common/myrule : Oct 16 17:50:36 tmm info tmm[23647]: Rule /Common/myrule : Org Host = services.domain.com Oct 16 17:50:36 tmm info tmm[23647]: Rule /Common/myrule : Org URI = /path/Enquiry/something Oct 16 17:50:36 tmm info tmm[23647]: Rule /Common/myrule : New Host = services-rp.domain.com Oct 16 17:50:36 tmm info tmm[23647]: Rule /Common/myrule : New URI = /path/Enquiry/ Oct 16 17:50:36 tmm info tmm[23647]: Rule /Common/myrule : HTTP::header replace Host services-rp.domain.com Oct 16 17:50:36 tmm info tmm[23647]: Rule /Common/myrule : HTTP::uri [string map {/path/Enquiry/ /path/Enquiry/} /path/Enquiry/something] Oct 16 17:50:36 tmm info tmm[23647]: Rule /Common/myrule : HTTP::uri /path/Enquiry/something Oct 16 17:50:36 tmm info tmm[23647]: Rule /Common/myrule : pool services-rp_pool Oct 16 17:50:36 tmm info tmm[23647]: Rule /Common/myrule :

Daniel_55334
Altostratus
Altostratus
Thanks nitass. What I don't understand is that this irule is to check for every data entry in the data group.

 

After checking for the first entry, isn't the "break" command break out of the loop and stop for checking the remaining entries?

nitass
F5 Employee
F5 Employee
After checking for the first entry, isn't the "break" command break out of the loop and stop for checking the remaining entrithe break command is inside the if-clause. it will be executed if the condition matches.