Forum Discussion
when RULE_INIT {
set static::redirect_http_to_https 1
Set this option to 1 to log debug messages (to /var/log/ltm by default) set static::single_vs_debug 1
} when CLIENT_ACCEPTED {Save the VIP name, client IP:port as a log prefix to make the log lines shorter set log_prefix "[IP::client_addr]:[TCP::client_port] [virtual name]"
if { [matchclass [TCP::local_port] equals $static::vip_https_ports] }{
Request was to an HTTPS port, so do nothing for the clientside connection.
The defined client and/or server SSL profiles will be applied as normal
if {$static::single_vs_debug}{log local0. "$log_prefix: HTTPS request to [IP::local_addr]:[TCP::local_port]"}
log an error if the virtual server doesn't have a client SSL profile, but receives an SSL request
if {[PROFILE::exists clientssl] == 0}{
if {$static::single_vs_debug}{log local0. "$log_prefix:\
Client connection received on port [TCP::local_port], but no client SSL profile is enabled on [IP::local_addr]"}
reject
}
} elseif { [matchclass [TCP::local_port] equals $static::vip_http_ports] }{
Request was to an HTTP port, not an HTTPS port, so disable client SSL profile if one is enabled on the VIP
set vip_http_port 1
if {$static::single_vs_debug}{log local0. "$log_prefix: HTTP request to [IP::local_addr]:[TCP::local_port]"}
Check to see if there is a client SSL profile and if so, disable it
if { [PROFILE::exists clientssl] == 1} {
if {$static::single_vs_debug}{log local0. "$log_prefix: Client SSL profile enabled on VIP. Disabling SSL."}
set disable_cmd "SSL::disable"
eval $disable_cmd
}
} else {
Request wasn't to a defined port, so reset the TCP connection.
if {$static::single_vs_debug}{log local0. "$log_prefix:\
Dropping request to undefined port [IP::local_addr]:[TCP::local_port]"}
reject
} } when HTTP_REQUEST {
If redirect_http_to_https is enabled and the request was made to an HTTP port, redirect the client to the same host/URI over HTTPS if { ($static::redirect_http_to_https == 1 or ([info exists redirect_http_to_https] && $redirect_http_to_https)) && \ ([info exists vip_http_port] && $vip_http_port==1)}{
HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]
if {$static::single_vs_debug}{log local0. "$log_prefix:\
Redirecting client [IP::client_addr] to https://[getfield [HTTP::host] \":\" 1][HTTP::uri]"}
}
}I used the above iRule but could not achieve my requirement. The backend servers are communicating on port 8080 and the url has the port 8080 specified in it but whenever i use the iRule, the page becomes inaccessible.