Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Would the irule command: event disable all cause LTM traffic policies not to be evaluated?

Go to solution
Wasfi_Bounni
Cirrocumulus
Cirrocumulus

‎04-May-2021 07:30

Hi;

 

I know that the irule command event disable all causes any further irules not to be evaluated. My question is: What about LTM policies? Do they also not get evaluated?

 

Kindly

Wasfi

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
crodriguez
Legacy Employee
Legacy Employee

‎06-May-2021 14:44 - last edited on ‎05-Jun-2023 23:03 by Fog

The evidence would suggest that Local Traffic Policies are evaluated independently from iRules. I ran a test with the following iRule and Local Traffic Policy assigned to the same virtual server:

when CLIENT_ACCEPTED {
    event disable all
}
 
when HTTP_REQUEST {
    log local0. "iRule event disable all logging message"
}
ltm policy ltp_http_request_log {
    last-modified 2021-05-06:14:26:09
    requires { http }
    rules {
        write_log_message {
            actions {
                0 {
                    log
                    write
                    facility local0
                    message "Logging from local policy on HTTP_REQUEST event"
                    priority info
                }
            }
        }
    }
    status published
    strategy first-match
}

Here is a screen shot of the local traffic policy as well:

0691T00000CnzoFQAR.pngWhen I sent multiple HTTP requests to the virtual server, the iRule did not write any log messages, but the local traffic policy did, as shown below:

May  6 14:28:15 bigip4 info tmm[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm1[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm1[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm1[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm1[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm1[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm1[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm1[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event

In summary then, the iRule disabled all events upon completion of the client-side connection, preventing the HTTP_REQUEST event from occurring. However, the local traffic policy still triggered at the HTTP_REQUEST (request) event and was able to write the log message.

Hope this answers your question.

View solution in original post

0 Kudos
3 REPLIES 3

Go to solution
Inderdeep_Singh
Nimbostratus
Nimbostratus

‎04-May-2021 12:43

Not sure but check the below with iRules support LTM Policy

https://devcentral.f5.com/s/articles/ltm-policy

0 Kudos

Go to solution
crodriguez
Legacy Employee
Legacy Employee

‎06-May-2021 14:44 - last edited on ‎05-Jun-2023 23:03 by Fog

The evidence would suggest that Local Traffic Policies are evaluated independently from iRules. I ran a test with the following iRule and Local Traffic Policy assigned to the same virtual server:

when CLIENT_ACCEPTED {
    event disable all
}
 
when HTTP_REQUEST {
    log local0. "iRule event disable all logging message"
}
ltm policy ltp_http_request_log {
    last-modified 2021-05-06:14:26:09
    requires { http }
    rules {
        write_log_message {
            actions {
                0 {
                    log
                    write
                    facility local0
                    message "Logging from local policy on HTTP_REQUEST event"
                    priority info
                }
            }
        }
    }
    status published
    strategy first-match
}

Here is a screen shot of the local traffic policy as well:

0691T00000CnzoFQAR.pngWhen I sent multiple HTTP requests to the virtual server, the iRule did not write any log messages, but the local traffic policy did, as shown below:

May  6 14:28:15 bigip4 info tmm[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm1[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm1[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm1[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm1[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm1[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm1[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event
May  6 14:28:15 bigip4 info tmm1[9908]: [/Common/ltp_http_request_log/write_log_message]: Logging from local policy on HTTP_REQUEST event

In summary then, the iRule disabled all events upon completion of the client-side connection, preventing the HTTP_REQUEST event from occurring. However, the local traffic policy still triggered at the HTTP_REQUEST (request) event and was able to write the log message.

Hope this answers your question.

0 Kudos

Go to solution
Wasfi_Bounni
Cirrocumulus
Cirrocumulus

‎12-May-2021 08:07

Thank you crodriguez.

0 Kudos
Copyright © 2023 Khoros, LLC