Forum Discussion
brad_scherer_11
Apr 09, 2009
Nimbostratus
Thank you for the reply. No, we are not terminating on the F5. Basically we want any SSL traffic (determined by port/s) to simply go to a different pool of proxies than the standard.
The HTTP rule I previously posted did look like it was working to a degree, but I am not sure it is the best way to approach this.
Here is a client_accept rule that I tested... unsuccessfully.
I used examples to build this rule yesterday, so I am not even sure if it has been pieced together correctly.
when CLIENT_ACCEPTED {
    TCP::collect 20
}
when CLIENT_DATA {
    if { [TCP::payload 20] contains "443" } {
        pool WebWasher
        log local0. "Rule for WebWasher HTTPS redirect"
    }
    TCP::release
}
After the standard 3-way handshake on port 8080 to the proxy, here is a dump of the next request sent on port 8080. This is where we want to make the decision as to which pool to go to based on the port number in the CONNECT request.
4    0.000    10.72.1.40    10.81.13.40    HTTP    CONNECT somesite.com:443 HTTP/1.0
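
An added example, not part of the original post: one way to make the pool decision on the port field of the CONNECT request line. The first 20 bytes of `CONNECT somesite.com:443 HTTP/1.0` are `CONNECT somesite.com`, so a 20-byte window ends just before the port; this sketch buffers the whole request line instead. The 1024-byte cap and the virtual server's default pool being the standard proxy pool are assumptions.

```tcl
# Added example (not the poster's rule). Assumes it is attached to the
# port-8080 virtual server and that the default pool is the standard proxies.
when CLIENT_ACCEPTED {
    # Start buffering; CLIENT_DATA fires as client segments arrive.
    TCP::collect
}

when CLIENT_DATA {
    set payload [TCP::payload]
    set eol [string first "\n" $payload]

    if { $eol < 0 } {
        # Request line not complete yet. Keep collecting, but cap the
        # buffer (1024 bytes is an assumed limit) so a silent or slow
        # client cannot make the rule hold data without bound.
        if { [TCP::payload length] < 1024 } {
            TCP::collect
            return
        }
        TCP::release
        return
    }

    # First line only, without the trailing CR/LF.
    set request_line [string trimright [string range $payload 0 $eol] "\r\n"]

    # Parse "CONNECT host:port HTTP/x.y" and capture the port as a field.
    # A substring test for "443" would also match 8443, 4430, or a host
    # name that happens to contain those digits.
    if { [regexp {^CONNECT\s+\S+:(\d+)\s+HTTP/} $request_line -> port] } {
        if { $port eq "443" } {
            pool WebWasher
            log local0. "CONNECT to port $port sent to pool WebWasher"
        }
    }

    # Everything else falls through to the virtual server's default pool.
    TCP::release
}
```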