AltostratusHTTPS health monitor with POST TMOS 13
Hello.
I am trying to configure the following POST monitor but it is not working.
----------------------------------------------------------------------------------------------------------------------------
ltm monitor https MON_HTTPS_TEST {
adaptive disabled
defaults-from https
destination *:*
interval 5
ip-dscp 0
recv "HTTP/1.1 200 OK"
recv-disable none
send "POST /web-e/AutenticationFi HTTP/1.1\r\nHost: test.example.com\r\nAccept: */*\r\nContent-Length: 431\r\nContent-Type: application/xml;charset=ISO8859-1\r\n\r\n <TCFX> <HeaderRq TRNUID=\"830709062778379\" SESSCOOKIE=\"7cf5b287-9cc4-4fa2-af87-dbd3461c9e4d\" BANKID=\"0015\" APPID=\"AW0718001\" DATECREATED=\"2021/01/08 05:03:26\" CLIENTIP=\"190.66.208.17\" CONTRACTTYPE=\"SVEPLUS\" CUSTOMERTYPE=\"FS003\" CUSTOMERID=\"2020092901\" USERTYPE=\"FS003\" USERID=\"2020092901\" USERNAME=\"2020092901\" LANG=\"ES\" CHN=\"002\" SCHN=\"2\" UNIQUEID=\"830709062778379\"/> <SumyRq SUMYTYPE=\"ALLACCOUNTS\" SUMYTIME=\"REAL\"></SumyRq></TCFX>"
time-until-up 0
timeout 16
}
----------------------------------------------------------------------------------------------------------------------------
If I perform the cURL it gives me the expected response successful
----------------------------------------------------------------------------------------------------------------------------
curl -vk -X POST https://test.example.com/web-e/AutenticationFi -H Content-Type: 'application/xml;charset=ISO8859-1' -d '<TCFX> <HeaderRq TRNUID="830709062778379" SESSCOOKIE="7cf5b287-9cc4-4fa2-af87-dbd3461c9e4d" BANKID="0015" APPID="AW0718001" DATECREATED="2021/01/08 05:03:26" CLIENTIP="190.66.208.17" CONTRACTTYPE="SVEPLUS" CUSTOMERTYPE="FS003" CUSTOMERID="2020092901" USERTYPE="FS003" USERID="2020092901" USERNAME="2020092901" LANG="ES" CHN="002" SCHN="2" UNIQUEID="830709062778379"/> <SumyRq SUMYTYPE="ALLACCOUNTS" SUMYTIME="REAL"></SumyRq></TCFX>'
----------------------------------------------------------------------------------------------------------------------------
ANSWER
----------------------------------------------------------------------------------------------------------------------------
> POST /web-e/AutenticationFi HTTP/1.1
> Host: test.example.com
> User-Agent: curl/7.47.1
> Accept: */*
> Content-Length: 431
>
* upload completely sent off: 431 out of 431 bytes
< HTTP/1.1 200 OK
< X-Powered-By: Servlet/3.1
< Content-Language: en-US
< Date: Thu, 14 Jan 2021 15:45:41 GMT
< Transfer-Encoding: chunked
----------------------------------------------------------------------------------------------------------------------------
Any idea why the health monitor is not working?
Thanks a lot
Hi,
Thanks for your help.
It was not necessary to apply an external monitor (which I was concerned about a reported vulnerability)
With F5 Support, the following could be validated:
***************************************************
"HTTP monitors with POST typically fail when the Content-Length header is incorrect, which makes the receiving side parser out of sync with the sender - I can see a hint of why it was miscounted.
The command line:
-H Content-Type: 'application/xml;charset=ISO8859-1' -d '<TCFX> <HeaderRq TRNUID=....
Indicates the post data (-d) is starting directly with the < character, however, in the configuration, and in the logs, there's still an extra space:
Content-Type: application/xml;charset=ISO8859-1\
\
<TCFX> <HeaderRq ...
^???
This space is also visible in the logs:
[0][13255] 2021-01-14 10:29:33.071367: ID 1151 :(_send_active_service_ping): writing ....xml; charset=ISO8859-1\x0d\x0a\x0d\x0a <TCFX> <He
^???
The (successful) POST seem to be indeed 431 bytes long, however, the monitor as configured seem to contain an additional space making the body 432 bytes long"
***************************************************
So, I just removed the extra space before <TCFX> and it worked
