I ended up doing the following below... I'm not Tcl master, and some of the binary scan/format was simply copied from the tcllib.
My only thought is, does md5 use the rand function, and does the rand function use clock. If so, then either clock or rand are redundant and probably not increasing entropy.
when RULE_INIT {
set ::cn "lbId"
set ::ce 15552000
}
when HTTP_REQUEST {
if { not ([HTTP::uri] starts_with "/static" or [HTTP::uri] starts_with "/assets") } {
if { not [HTTP::cookie exists $::cookieName] } {
append s [clock seconds] [IP::local_addr] [IP::client_addr] [expr { int(100000000 * rand()) }] [clock clicks]
set s [md5 $s]
binary scan $s c* s
lset s 8 [expr {([lindex $s 8] & 0x7F) | 0x40}]
lset s 6 [expr {([lindex $s 6] & 0x0F) | 0x40}]
set s [binary format c* $s]
binary scan $s H* s
append u [substr $s 0 8] "-" [substr $s 8 4] "-" [substr $s 12 4] "-" [substr $s 16 4] "-" [substr $s 20 12]
unset s
HTTP::cookie insert name $::cn value $u
} else {
set u [HTTP::cookie value $::cn]
}
set h [HTTP::host]
}
}
when HTTP_RESPONSE {
if { not ($u eq "") } {
set h [findstr [getfield $h : 1 ] ".eharmony."]
if { $h eq "" } {
HTTP::cookie insert name $::cn value $u path "/"
} else {
HTTP::cookie insert name $::cn value $u path "/" domain $h
}
unset h
unset u
HTTP::cookie expires $::cn $::ce
}
}