iRules change HTTP::Payload when talking to the backend servers

CPSSupport · ‎15-Feb-2021

I need to make some changes using the iRules to the request payload then need to pass the original request to the backend server, is there a compatible event with HTTP::Payload command that can pass traffic to the backend server?

Thanks in advance.

jaikumar_f5 · ‎15-Feb-2021

Yes its doable, use HTTP_REQUEST_DATA event to make your manipulation on the payload.

Refer the below article.

https://clouddocs.f5.com/api/irules/HTTP_REQUEST_DATA.html

HazemFouda · ‎17-Feb-2021

I want to manipulate the payload then pass F5 the manipulated one but the backend server will receive the original payload can you help me, please ?

Daniel_Wolf · ‎17-Feb-2021

Can you elaborate what you are trying to achieve by manipulating the payload twice? Maybe there is another way to get to your goal.

I don't say it is nonsense, but I think it would help to know the use-case.

HazemFouda · ‎18-Feb-2021

I need to change the original request to some format that WAF can understand and apply its security check against then if the request is good, I need the WAF to pass the original request to the server as the server only understands the original request sent by the client

Daniel_Wolf · ‎18-Feb-2021

Maybe you can try a layered virtual. I am not a big fan of using layered virtuals since they add an extra layer of complexity when troubleshooting.

Traffic would flow like this:

vIP_1 >> iRule manipulates payload >> passes ASM >> vIP_2 >> iRule manipulates payload back >> backend server

Here are some steps for guidance.

K13315545: Configuring a BIG-IP ASM virtual server to protect a BIG-IP APM login page with brute for...

In this approach you can also combine iRules and LTM Traffic Policies.

DevCentral

iRules change HTTP::Payload when talking to the backend servers

Khoros Kudos Award 2022