I am in need of looking into payload of incoming https traffic which is getting decrypted at F5 as F5 is working as SSL bridge in this case. I want to find a specific data in payload and then make a decision on which pool to forward the traffic to based on that data. Any help is appreciated.
02-Jul-2021 02:27 - last edited on 24-Mar-2022 01:23 by li-migration
You would need to use HTTP::collect to get the POST data and then use HTTP::payload to inspect it.
The example from here https://devcentral.f5.com/s/feed/0D51T00006j3PKbSAM should get you started with getting the data, the you can use LB::select to select the pool that you want to direct the traffic to.
it is encrypted traffic (https), will above method still works?
If you are using SSL Bridging (decrypt/Big-IP processes/re-encrypt) it should.
Here is another thing which I failed to mention earlier.
So currently I am just trying to have a look at all of the payload which is encrypted. I hope I have made myself clear this time.