Forum Discussion

Affa_1992's avatar
Affa_1992
Icon for Nimbostratus rankNimbostratus
Jan 11, 2013

How to process Client side's TCP Payload after SERVER_CONNECTED?

I'm trying to write an iRule to process TCP Payload.

 

I want to rewrite the clientside's first payload after SERVER_CONNECTED event raised.

 

But I log message withing every event, I found the CLIENT_DATA was raised before

 

SERVER_CONNECTED.

 

Does anyone have any ideas to process TCP Payload after SERVER_CONNECTED event?

 

 

Thanks.

 

 

6 Replies

  • You should do something in the line:

    
    when SERVER_CONNECTED {
        TCP::collect
    }
    when SERVER_DATA {
       TCP::payload replace 0 [TCP::payload length] "Your string"
       TCP::release
    }
    

    It depends where you started the collect process, if you started it in CLIENT_ACCEPTED event it will collect the client side of data. You might also look into

    
    serverside { TCP::collect }
    clientside { TCP::collect }
    

    to be more specific where you want the collection to happen

  • I read too fast. If you need to process client data after first server event, you could do

    
    when SERVER_CONNECTED {
        clientside {TCP::collect}
    }
    

  • Thanks for replying.

     

     

    I have been tried to write some iRule as the following like:

     

     

    when CLIENT_ACCEPTED {

     

    snat x.x.x.x

     

    }

     

     

    when SERVER_CONNECTED {

     

    set SNAT_IP [serverside {IP::client_addr}]

     

    clientside { TCP::collect }

     

    }

     

     

    when CLIENT_DATA {

     

    TCP::payload replace 0 4 $SNAT_IP

     

    TCP::release

     

    TCP::collect

     

    }

     

     

    I found that F5 will receive some tcp payload when CLIENT_ACCEPTED event raised so that

     

    I will miss some tcp payload to replace string which I want to change.

     

     

    I want to process the *first* tcp payload after SERVER_CONNECTED raised. That means

     

    the CLIENT_DATA with first payload raised after SERVER_CONNECTED.

     

     

    Does my codes have any wrong?
  • Thanks for replying.

     

     

    I have been tried to write some iRule as the following like:

     

     

    when CLIENT_ACCEPTED {

     

    snat x.x.x.x

     

    }

     

     

    when SERVER_CONNECTED {

     

    set SNAT_IP [serverside {IP::client_addr}]

     

    clientside { TCP::collect }

     

    }

     

     

    when CLIENT_DATA {

     

    TCP::payload replace 0 4 $SNAT_IP

     

    TCP::release

     

    TCP::collect

     

    }

     

     

    I found that F5 will receive some tcp payload when CLIENT_ACCEPTED event raised so that

     

    I will miss some tcp payload to replace string which I want to change.

     

     

    I want to process the *first* tcp payload after SERVER_CONNECTED raised. That means

     

    the CLIENT_DATA with first payload raised after SERVER_CONNECTED.

     

     

    Does my codes have any wrong?
  • what about this?

    [root@ve10:Active] config  b virtual bar80 list
    virtual bar80 {
       snat automap
       pool foo
       destination 172.28.19.252:80
       ip protocol 6
       rules myrule
    }
    [root@ve10:Active] config  b pool foo list
    pool foo {
       members 200.200.200.101:80 {}
    }
    [root@ve10:Active] config  b rule myrule list
    rule myrule {
       when CLIENT_ACCEPTED {
      log local0. "-"
    }
    when CLIENT_DATA {
      log local0. "-"
      log local0. "[TCP::payload]"
      log local0. "[LB::server addr]:[LB::server port]"
      TCP::release
      TCP::collect
    }
    when LB_SELECTED {
      log local0. "-"
      TCP::collect
    }
    when SERVER_CONNECTED {
      log local0. "-"
      TCP::collect
    }
    when SERVER_DATA {
      log local0. "-"
      log local0. "[TCP::payload]"
      TCP::release
      TCP::collect
    }
    }
    
    [root@ve10:Active] config  tail -f /var/log/ltm
    Jan 14 22:41:17 local/tmm info tmm[4884]: Rule myrule : -
    Jan 14 22:41:17 local/tmm info tmm[4884]: Rule myrule : -
    Jan 14 22:41:17 local/tmm info tmm[4884]: Rule myrule : -
    Jan 14 22:41:17 local/tmm info tmm[4884]: Rule myrule : GET / HTTP/1.1  User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5  Host: 172.28.19.252  Accept: */*
    Jan 14 22:41:17 local/tmm info tmm[4884]: Rule myrule : 200.200.200.101:80
    Jan 14 22:41:17 local/tmm info tmm[4884]: Rule myrule : -
    Jan 14 22:41:17 local/tmm info tmm[4884]: Rule myrule : -
    Jan 14 22:41:17 local/tmm info tmm[4884]: Rule myrule : HTTP/1.1 200 OK  Date: Mon, 14 Jan 2013 15:06:17 GMT  Server: Apache/2.2.3 (CentOS)  Last-Modified: Sat, 27 Oct 2012 03:22:35 GMT  ETag: "4183f3-59-f28f94c0"  Accept-Ranges: bytes  Content-Length: 89  Content-Type: text/html; charset=UTF-8       This is 101 host.   
    
  • have you seen this article?

     

     

    Oracle RAC Connection String Rewrite by Jason

     

    https://devcentral.f5.com/tech-tips/articles/oracle-rac-connection-string-rewrite

     

     

    hope this helps.