01-Jul-2020 10:24
Hello,
I'm trying to set a variable in an LTM Policy like this:
But then: how can I access this variable from an iRule ?
The only information I find on support site/devcentral is: "Set variable: Sets a Tcl variable in the runtime environment."
Thanks
Solved! Go to Solution.
01-Jul-2020 16:53
First, the assignment needs to be [HTTP::method]
Your irule just needs to reference the connection variable that you assigned in the policy
when HTTP_REQUEST {
log local0. "$policy_http_method"
}
01-Jul-2020 16:53
First, the assignment needs to be [HTTP::method]
Your irule just needs to reference the connection variable that you assigned in the policy
when HTTP_REQUEST {
log local0. "$policy_http_method"
}
02-Jul-2020 00:51
Hi Simon,
thanks for your answer, but it still doesn't work. The irule fails with this log message:
Jul 2 07:35:09 f5-1 err tmm[20719]: 01220001:3: TCL error: /Common/syslog_https_test <HTTP_REQUEST> - can't read "policy_http_method": no such variable while executing "log local0. "$policy_http_method""
This is the beginning of the irule (I copy/pasted the variable name to make sure it's typo free):
when HTTP_REQUEST {
set http_method ""
if {[HTTP::has_responded]} {
log local0. "$policy_http_method"
set http_method $policy_http_method
} else {
set http_method [HTTP::method]
}
To explain the context:
Jul 1 16:39:36 f5-1 err tmm2[20719]: 01220001:3: TCL error: /Common/syslog_https_test <HTTP_REQUEST> - Can't call after responding - ERR_NOT_SUPPORTED (line 14) invoked from within "HTTP::method"
So I feel the only nice way to log this traffic is to pass the value of HTTP::method to the irule. But no luck for now 😞
02-Jul-2020 00:59
OK, my bad, I found it... of course I had to put the logging policy rule on top in the policy list !
It's working now, thanks ! 🙂
02-Jul-2020 16:07
Great - and yes - you need to shift anything from the HTTP:: object into variables before you trigger any HTTP:: redirection/respond.
Basically, once you have used HTTP::redirect/respond (or the LTM policy equivalents), the entire HTTP:: object is invalidated, and cannot be accessed (apart from HTTP::has_responded)