Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

Are you an expert?    Interested in presenting at F5 AppWorld 2024?    Submit a proposal by Nov 29th!

how to display maintenance banner via LTM policy

Bhupendra
Altocumulus
Altocumulus

‎11-Nov-2023 00:42

how to display maintenance banner via LTM policy if uri matches /example and tcp address is not private_net

Note: banner file (HTML ) is stored on ifile list.

Labels:
0 Kudos
7 REPLIES 7

M_Saeed
Cirrus
Cirrus

‎11-Nov-2023 02:11

Hi @Bhupendra 
Hope you are doing well.

You coudl do it via iRule redirection to a sorry page OR you could provide it directly after matching your conditions as requested above.

SOL1#
--------------------------------------

when HTTP_REQUEST {

#create a data group adding allowed_ip_addresses to assign it here in iRule

if { ([HTTP::uri] starts_with "/example") && (![class match [IP::client_addr] equals allowed_ip_addresses]) } {

HTTP::redirect "http://www.corp_xyz.com/sorry_page.html

log local0. "Client IP : [IP::client_addr] ==> sorrypage"

}
}

 

SOL#2
-----------------------

when HTTP_REQUEST {

#make sure to create a data group adding allowed_ip_addresses to assign it here in iRule

if { ([HTTP::uri] starts_with "/example") && (![class match [IP::client_addr] equals allowed_ip_addresses]) } {

HTTP::respond 200 content {
<html>
<head>
<title>Apology Page</title>
</head>
<body>
We are sorry, but the site you are looking for is temporarily out of service<br>
If you feel you have reached this page in error, please try again.
</body>
</html>
}
}
}

 

0 Kudos

Bhupendra
Altocumulus
Altocumulus
In response to M_Saeed

‎11-Nov-2023 08:15

Hi , Thanks for your response.

I have both  irule and LTM policy on same vip. 

LTM policy rule -------->

HTTP URI full string starts with '/example' at request time.

Forward traffic to POOL A

---------------------------------------------------------------------------------

Banner rule----->

when HTTP_REQUEST {

if { ([HTTP::uri] starts_with "/example") 

HTTP::respond 200 content {
<html>
<head>
<title>Apology Page</title>
</head>
<body>
We are sorry, but the site you are looking for is temporarily out of service<br>
If you feel you have reached this page in error, please try again.
</body>
</html>
}
}
}

 I tried to put simple messgae on banner. It is not working. Always says site can not be reached.  connection reset message .I can see execution hits on irule without error. Also LTM logs i can see irule executed.

 

 

0 Kudos

whisperer
Nacreous
Nacreous

‎11-Nov-2023 09:48

Just to clarify, you are looking for a maintenance page? When you say 'banner', it makes me think that you want to inject javascript or somerthing and put a banner atop the normally loaded page that provides an alert. That would be a separate and more difficult requirement of course. Simple maintenace page is no issues, and you can even store the HTML page, JS, and any images on the F5 itself using iFiles. Just some further thoughts here.

0 Kudos

Bhupendra
Altocumulus
Altocumulus
In response to whisperer

‎11-Nov-2023 10:12

Hi Whisperer,

Thanks for response.

I am putting maintenance page. I tried to put simple html page or message. Also tried to put html page via ifile (HTTP::respond 200 content [ifile get "maintenance_Page"] even it is not working for me.

 

when HTTP_REQUEST {

if { ([HTTP::uri] starts_with "/example") 

HTTP::respond 200 content {
<html>
<head>
<title>Apology Page</title>
</head>
<body>
We are sorry, but the site you are looking for is temporarily out of service<br>
If you feel you have reached this page in error, please try again.
</body>
</html>
}
}
}

0 Kudos

whisperer
Nacreous
Nacreous
In response to Bhupendra

‎11-Nov-2023 10:17

Can you provide the output for the Virtual Server object? Also, what URL are you testing with in the web browser?

0 Kudos

Bhupendra
Altocumulus
Altocumulus
In response to whisperer

‎12-Nov-2023 00:23

Hi ,

I found the issue. There are two irule applied on VIP. First irule mainentance page  and second irule to set same site cookie as none .

In Packet capture i saw irule exceution error. First irule for mainentance page when http request is matching and it is responding to 200 with maintenece page.

when second irule is exceuting, it is the http response release  to set  same site cookie as none as  first irule is already executed with response. It is failing.

For testing i have removed second irule(same site cookie), it is working.

Just want to know if  below same site irule is feasible via LTM policy or other solution.

same site irule-

when HTTP_RESPONSE_RELEASE {
set cookie_names [HTTP::cookie names]
foreach a_cookie $cookie_names
{
if {not [HTTP::cookie attribute $a_cookie exists {SameSite}] }
{HTTP::cookie attribute $a_cookie insert "SameSite" "None"}
}
}

 

 

0 Kudos

M_Saeed
Cirrus
Cirrus
In response to Bhupendra

‎12-Nov-2023 01:35

Regarding LTM policies, They may not have the same level of granularity in event triggers as iRules, which can be triggered at various stages of traffic processing. You may need to stick with iRule in your case.

 

0 Kudos
Copyright © 2023 Khoros, LLC