Ian_Johnson_382
Sep 25, 2012Nimbostratus
iRule not working with SSL profile assign to virtual server
Hi All,
I am using an iRule to direct incoming LDAP requests to servers based on the "CN" string. When I don't have a Client SSL profile assign to the virtual server the rule works fine. With a SSL profile assign the rule does not match on the tcp payload and using tcpdump I do not see any unencrypted traffic leave, just a RST sent back to the client.
This is running on LTM 10.2.4HF3
Set DEBUG to 1 to get debug-logging of this iRule in /var/log/ltm
when RULE_INIT {
set DEBUG 1
}
when CLIENT_ACCEPTED {
if { $::DEBUG } {log local0. "Client connected [IP::client_addr] "}
TCP::collect
}
when CLIENT_DATA {
Save payload
set payload [TCP::payload]
If in debug mode, log payload of received packet
if { $::DEBUG } { log local0. "payload <$payload" }
check if payload contains the string we want to replace
if { [TCP::payload] contains "CN=adminbh" } {
If in debug mode, log that the payload matched
if { $::DEBUG } { log local0. "payload matched" }
pool pool_bh
}
if { $::DEBUG } { log local0. "Release TCP connection" }
TCP::release
}
Any ideas?
Thanks
Ian