Source IP redirect, change host, uri and change to 443
I'm using BIG-IP LTM I have a VIP on port 4001 taking external connections, this goes to a pool with a client SSL cert. I am trying to "route" to a different destination based on the source IP address. However, I need to manipulate the uri as well. I have tried this via an iRule, but looking at the forum people are saying just use the policies section of the F5. I am a network engineer by trade and I very rarely get this deep into LTM. Please can you assist? I have outputs from what I have tried below. I have run packet captures and see that the request does forward, but in plain text (iRule output), so I have tried to encrypt it before sending it to the destination, but I don't think I'm doing it right. pool_RTS_Azure = dev.api.comany.com:443 pool_RTS_4001 is the default pool pool_RTS is the same as pool_RTS_4001
F5 LTM - iRule that will replace the host, remove the path and send traffic to the specific pool
Hi, I have a standard VIP on port 443 with SSL client and servers side profile and some pool on port 443 as well. What I need to implement on that VIP is: when the path begins with /VPC ( for example https://example.com/VPC) the host name (example.com) needs to be replaced by (example2.net) and path /VPC needs to be removed. After that this traffic (https://example2.net/) needs to be send to the specific pool (different than default but also on port 443). I suppose the iRule is the best option here. Unfortunately I cannot make simple 302 redirect... Of course if the URI does not begin with /VPC the traffic needs to go to the default pool. I found some similar cases on devcentral however neither of them match all the requirements.
Modify XML POST request
Hi, I need to change some values in an XML Post REQUEST to Sharepoint (search) as it embeds URL in the XML with https: and I need it to be http. I was looking to use STREAM::EXPRESSION which I am successfully using for doing a similar replacement in the RESPONSE. This is what I thought would work: when HTTP_REQUEST { # Explicitly disable the stream profile for each client-side request so it doesn't stay #enabled for subsequent HTTP requests on the same TCP connection. STREAM::disable # The line below prevents the server from compressing its responses. HTTP::header remove "Accept-Encoding" # Apply stream profile against text responses from the application if { [HTTP::method] eq "POST" } { HTTP::collect set ispost 1 } } when HTTP_REQUEST_DATA { if { [HTTP::header value Content-Type] contains "text"} { #replace https with http STREAM::expression "@https://@http://@" # enable the stream filter for this request only STREAM::enable } //recalculate the content-length after the replacement if { [info exists ispost] } { HTTP::header insert Content-Length [HTTP::payload length] } } But I am getting an HTTP 411 response from the backend (which I had thought recalculating the content-length header would fix). Any pointers would be appreciated. Regards, David.
