I need to make some changes using the iRules to the request payload then need to pass the original request to the backend server, is there a compatible event with HTTP::Payload command that can pass traffic to the backend server?
Thanks in advance.
Yes its doable, use HTTP_REQUEST_DATA event to make your manipulation on the payload.
Refer the below article.
I want to manipulate the payload then pass F5 the manipulated one but the backend server will receive the original payload can you help me, please ?
Can you elaborate what you are trying to achieve by manipulating the payload twice? Maybe there is another way to get to your goal.
I don't say it is nonsense, but I think it would help to know the use-case.
I need to change the original request to some format that WAF can understand and apply its security check against then if the request is good, I need the WAF to pass the original request to the server as the server only understands the original request sent by the client
Maybe you can try a layered virtual. I am not a big fan of using layered virtuals since they add an extra layer of complexity when troubleshooting.
Traffic would flow like this:
vIP_1 >> iRule manipulates payload >> passes ASM >> vIP_2 >> iRule manipulates payload back >> backend server
Here are some steps for guidance.
K13315545: Configuring a BIG-IP ASM virtual server to protect a BIG-IP APM login page with brute for...
In this approach you can also combine iRules and LTM Traffic Policies.