Forum Discussion

MB_58262's avatar
MB_58262
Icon for Nimbostratus rankNimbostratus
Oct 11, 2012

string tolower and case insensitivity

We wanted to redirect to a particular request when the radius AVP such as User-Name ends with test.com. I implemented irule like the one below. From my understanding, it should be for case insensitive. so, when client request comes in with Test.com or TEST.COM or tEst.com, etc ...work, should still go to test_pool1

 

rule test_irule {

 

when CLIENT_DATA {

 

if { [ string tolower [RADIUS::avp User-Name] ] ends_with "test.com" } {

 

pool test_pool1

 

} else {

 

pool test_pool2

 

}

 

}

 

However, I noticed that when for example clien request has Test.com (e.g., capital T), it would go to test_pool2. The goal is to ensure that any request regardless of its case (upper or lower letter) containing a string such as "test.com" to always go to test_pool1, anything else would go to test_pool2

 

Any feedback would be really appreciated.

 

Thanks.

 

application delivery
dev
devops
iRules

5 Replies

Sort By
  • Kevin_Stewart's avatar
    Kevin_Stewart
    Icon for Employee rankEmployee
    Oct 11, 2012
    Just out of curiosity, what's the output if you throw in the following log line: 

    
when CLIENT_DATA {
     log local0. "User-Name = [string tolower [RADIUS::avp User-Name]]"
     if { [ string tolower [RADIUS::avp User-Name] ] ends_with  "test.com" }  {
          pool test_pool1
     } else {
          pool test_pool2
     }
}
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Oct 11, 2012
    it looks fine to me. 

    [root@ve10:Active] config  b virtual bar list
virtual bar {
   snat automap
   destination 172.28.19.79:1812
   ip protocol 17
   rules myrule
   profiles {
      myudp {}
      radiusLB {}
   }
}
[root@ve10:Active] config  b profile myudp list
profile udp myudp {
   defaults from udp
   datagram lb enable
}
[root@ve10:Active] config  b pool test_pool1 list
pool test_pool1 {
   members 200.200.200.101:1812 {}
}
[root@ve10:Active] config  b pool test_pool2 list
pool test_pool2 {
   members 200.200.200.111:1812 {}
}
[root@ve10:Active] config  b rule myrule list
rule myrule {
   when CLIENT_DATA {
   log local0. "[RADIUS::avp User-Name]"
   if {[string tolower [RADIUS::avp User-Name]] ends_with "test.com"} {
      pool test_pool1
   } else {
      pool test_pool2
   }
}
when SERVER_CONNECTED {
   log local0. "[LB::server pool]"
   log local0. "[IP::remote_addr]:[UDP::remote_port]"
}
}

[root@ve10:Active] config  tail -f /var/log/ltm
Oct 11 11:17:20 local/tmm info tmm[7926]: Rule myrule : john@Test.com
Oct 11 11:17:20 local/tmm info tmm[7926]: Rule myrule : test_pool1
Oct 11 11:17:20 local/tmm info tmm[7926]: Rule myrule : 200.200.200.101:1812
Oct 11 11:17:27 local/tmm info tmm[7926]: Rule myrule : john@other.com
Oct 11 11:17:27 local/tmm info tmm[7926]: Rule myrule : test_pool2
Oct 11 11:17:27 local/tmm info tmm[7926]: Rule myrule : 200.200.200.111:1812
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Oct 11, 2012
    just in case if you have not yet seen this.

     

     

    sol13861: Certain UDP-based iRule commands may cause TMM to crash

     

    https://support.f5.com/kb/en-us/solutions/public/13000/800/sol13861.html?sr=24467406
  • MB_58262's avatar
    MB_58262
    Icon for Nimbostratus rankNimbostratus
    Oct 11, 2012
    Thank you for the confirmation! - I am just curious, may I ask what tool have you used to generate the radius request?
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Oct 12, 2012
    may I ask what tool have you used to generate the radius request?of course.

     

     

    NTRadPing 1.5 RADIUS Test Utility

     

    http://www.novell.com/coolsolutions/tools/14377.html