Forum Discussion

Daniel_55334's avatar
Daniel_55334
Icon for Altostratus rankAltostratus
Oct 16, 2012

Converting irule from v9 to v11

The original irule is as below.

 

 

 

class https_rp_list {

 

"services.domain.com/path/ services-rp.domain.com/path/ services-rp_pool"

 

"services.domain.com/path/Enquiry/ services-rp.domain.com/path/Enquiry/ services-rp_pool"

 

}

 

 

when HTTP_REQUEST {

 

set rp_list $::https_rp_list

 

set orig_host [string tolower [HTTP::host]]

 

set orig_uri [HTTP::uri]

 

if {[HTTP::header exist "Accept-Encoding" ]} {

 

HTTP::header remove "Accept-Encoding"

 

if {$::DEBUG} {

 

log local0.debug "Header \"Accept-Encoding\" removed"

 

}

 

}

 

 

set matched_len 0

 

set matched_entry ""

 

 

foreach entry [set rp_list] {

 

set proxy_host_col [getfield $entry " " 1]

 

if {"$orig_host$orig_uri" starts_with $proxy_host_col } {

 

set new_len [string length $proxy_host_col]

 

if {$new_len > $matched_len} {

 

set matched_entry $entry

 

set matched_len $new_len

 

}

 

}

 

}

 

 

if {$matched_entry ne ""} {

 

set proxy_host_col [getfield $matched_entry " " 1]

 

set rp_host_col [getfield $matched_entry " " 2]

 

set rp_pool [getfield $matched_entry " " 3]

 

set proxy_host [getfield $proxy_host_col "/" 1]

 

set proxy_host_path [substr $proxy_host_col [string length $proxy_host]]

 

set rp_host [getfield $rp_host_col "/" 1]

 

set rp_path [substr $rp_host_col [string length $rp_host]]

 

if {$::DEBUG} {

 

log local0.debug "Rewrite Host from \"$orig_host\" -\> \"$rp_host\""

 

log local0.debug "Rewrite uri from \"$orig_uri\" -\> \"$rp_path[substr $orig_uri [string length $proxy_host_path]]\""

 

}

 

HTTP::uri $rp_path[substr $orig_uri [string length $proxy_host_path]]

 

HTTP::header replace "Host" $rp_host

 

pool $rp_pool

 

}

 

}

 

 

I rewrite it for v11.2.0 as below.

 

 

ltm data-group internal /Common/https_rp_list {

 

records {

 

"services.domain.com/path/ services-rp.domain.com/path/ services-rp_pool" { }

 

"services.domain.com/path/Enquiry/ services-rp.domain.com/path/Enquiry/ services-rp_pool" { }

 

}

 

type string

 

}

 

 

 

when HTTP_REQUEST {

 

set orig_host [string tolower [HTTP::host]]

 

set orig_uri [HTTP::uri]

 

if {[HTTP::header exist "Accept-Encoding" ]} {

 

HTTP::header remove "Accept-Encoding"

 

if {$::DEBUG} {

 

log local0.debug "Header \"Accept-Encoding\" removed"

 

}

 

}

 

 

set matched_len 0

 

set matched_entry ""

 

foreach entry [class get https_rp_list] {

 

set proxy_host_col [getfield $entry " " 1]

 

log local0. "proxy_host_col is $proxy_host_col"

 

if {"$orig_host$orig_uri" starts_with $proxy_host_col } {

 

set new_len [string length $proxy_host_col]

 

if {$new_len > $matched_len} {

 

set matched_entry $entry

 

set matched_len $new_len

 

}

 

log local0. "matched entry is $matched_entry"

 

}

 

}

 

}

 

 

However I see in the logs

 

[root@bigip1:Active:Standalone] config tail -f /var/log/ltm

 

Oct 15 17:15:35 tmm info tmm[6973]: Rule /Common/https_vserver : proxy_host_col is {services.domain.com/path/

 

Oct 15 17:15:35 tmm info tmm[6973]: Rule /Common/https_vserver : proxy_host_col is {services.domain.com/path/Enquiry/

 

 

I have no idea of why there is "{" attached at the beginning of the data group entry, and thus cannot match with the host. Can someone put me in the right direction?

 

Thanks in advance.

 

 

 

 

6 Replies

  • You seem to have some spaces in your URIs no?

     

     

    "services.domain.com/path/ services-rp.domain.com/path/ HEREservices-rp_pool" { }

     

    "services.domain.com/path/Enquiry/ services-rp.domain.com/path/Enquiry/ HEREservices-rp_pool" { }

     

    If not, then these are key value pairs and the format is incorrect. See here: https://devcentral.f5.com/Tutorials/TechTips/tabid/63/articleType/ArticleView/articleId/1086510/v11-iRules-Data-Group-Updates.aspx

     

  • e.g.

    root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list ltm virtual bar
    ltm virtual bar {
        destination 172.28.19.252:80
        ip-protocol tcp
        mask 255.255.255.255
        profiles {
            http { }
            tcp { }
        }
        rules {
            myrule
        }
        snat automap
        vlans-disabled
    }
    root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list ltm data-group internal https_rp_list
    ltm data-group internal https_rp_list {
        records {
            "services.domain.com/path/ services-rp.domain.com/path/ services-rp_pool" { }
            "services.domain.com/path/Enquiry/ services-rp.domain.com/path/Enquiry/ services-rp_pool" { }
        }
        type string
    }
    root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list ltm rule myrule
    ltm rule myrule {
        when HTTP_REQUEST {
       foreach elm [class get https_rp_list] {
          set hosturi [getfield [lindex $elm 0] " " 1]
          if { "[HTTP::host][HTTP::uri]" starts_with $hosturi } {
             set start [string first "/" $hosturi]
             set host [string range $hosturi 0 [expr {$start - 1}]]
             set uri [string range $hosturi $start end]
    
             set newhosturi [getfield [lindex $elm 0] " " 2]
             set start [string first "/" $newhosturi]
             set newhost [string range $newhosturi 0 [expr {$start - 1}]]
             set newuri [string range $newhosturi $start end]
    
             set newpool [getfield [lindex $elm 0] " " 3]
    
             log local0. ""
             log local0. "Org Host = [HTTP::host]"
             log local0. "Org URI = [HTTP::uri]"
             log local0. "New Host = $newhost"
             log local0. "New URI = $newuri"
             log local0. "HTTP::header replace Host $newhost"
             log local0. "HTTP::uri \[string map {$uri $newuri} [HTTP::uri]\]"
             log local0. "HTTP::uri [string map {$uri $newuri} [HTTP::uri]]"
             log local0. "pool $newpool"
             log local0. ""
    
             break
          }
       }
    }
    }
    
    [root@ve11a:Active:Changes Pending] config  tail -f /var/log/ltm
    Oct 16 17:11:04 tmm info tmm[23647]: Rule /Common/myrule :
    Oct 16 17:11:04 tmm info tmm[23647]: Rule /Common/myrule : Org Host = services.domain.com
    Oct 16 17:11:04 tmm info tmm[23647]: Rule /Common/myrule : Org URI = /path/something
    Oct 16 17:11:04 tmm info tmm[23647]: Rule /Common/myrule : New Host = services-rp.domain.com
    Oct 16 17:11:04 tmm info tmm[23647]: Rule /Common/myrule : New URI = /path/
    Oct 16 17:11:04 tmm info tmm[23647]: Rule /Common/myrule : HTTP::header replace Host services-rp.domain.com
    Oct 16 17:11:04 tmm info tmm[23647]: Rule /Common/myrule : HTTP::uri [string map {/path/ /path/} /path/something]
    Oct 16 17:11:04 tmm info tmm[23647]: Rule /Common/myrule : HTTP::uri /path/something
    Oct 16 17:11:04 tmm info tmm[23647]: Rule /Common/myrule : pool services-rp_pool
    Oct 16 17:11:04 tmm info tmm[23647]: Rule /Common/myrule :
    Oct 16 17:11:07 tmm info tmm[23647]: Rule /Common/myrule :
    Oct 16 17:11:07 tmm info tmm[23647]: Rule /Common/myrule : Org Host = services.domain.com
    Oct 16 17:11:07 tmm info tmm[23647]: Rule /Common/myrule : Org URI = /path/Enquiry/something
    Oct 16 17:11:07 tmm info tmm[23647]: Rule /Common/myrule : New Host = services-rp.domain.com
    Oct 16 17:11:07 tmm info tmm[23647]: Rule /Common/myrule : New URI = /path/Enquiry/
    Oct 16 17:11:07 tmm info tmm[23647]: Rule /Common/myrule : HTTP::header replace Host services-rp.domain.com
    Oct 16 17:11:07 tmm info tmm[23647]: Rule /Common/myrule : HTTP::uri [string map {/path/Enquiry/ /path/Enquiry/} /path/Enquiry/something]
    Oct 16 17:11:07 tmm info tmm[23647]: Rule /Common/myrule : HTTP::uri /path/Enquiry/something
    Oct 16 17:11:07 tmm info tmm[23647]: Rule /Common/myrule : pool services-rp_pool
    Oct 16 17:11:07 tmm info tmm[23647]: Rule /Common/myrule :
    
  • anyway, if you can modify the data group format a little bit, i think it will make the irule simpler.

    e.g.

    [root@ve11a:Active:Changes Pending] config  tmsh
    root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list ltm data-group internal https_rp_list
    ltm data-group internal https_rp_list {
        records {
            services.domain.com/path/ {
                data "services-rp.domain.com/path/ services-rp_pool"
            }
            services.domain.com/path/Enquiry/ {
                data "services-rp.domain.com/path/Enquiry/ services-rp_pool"
            }
        }
        type string
    }
    root@(ve11a)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list ltm rule myrule
    ltm rule myrule {
        when HTTP_REQUEST {
       if { [class match -- "[HTTP::host][HTTP::uri]" starts_with https_rp_list] } {
          set hosturi [class match -name "[HTTP::host][HTTP::uri]" starts_with https_rp_list]
          set start [string first "/" $hosturi]
          set uri [string range $hosturi $start end]
    
          set matched [class match -value "[HTTP::host][HTTP::uri]" starts_with https_rp_list]
          set newhosturi [getfield $matched " " 1]
          set newpool [getfield $matched " " 2]
    
          set start [string first "/" $newhosturi]
          set newhost [string range $newhosturi 0 [expr {$start - 1}]]
          set newuri [string range $newhosturi $start end]
    
          log local0. ""
          log local0. "Org Host = [HTTP::host]"
          log local0. "Org URI = [HTTP::uri]"
          log local0. "New Host = $newhost"
          log local0. "New URI = $newuri"
          log local0. "HTTP::header replace Host $newhost"
          log local0. "HTTP::uri \[string map {$uri $newuri} [HTTP::uri]\]"
          log local0. "HTTP::uri [string map {$uri $newuri} [HTTP::uri]]"
          log local0. "pool $newpool"
          log local0. ""
       }
    }
    }
    
    [root@ve11a:Active:Changes Pending] config  tail -f /var/log/ltm
    Oct 16 17:50:33 tmm info tmm[23647]: Rule /Common/myrule :
    Oct 16 17:50:33 tmm info tmm[23647]: Rule /Common/myrule : Org Host = services.domain.com
    Oct 16 17:50:33 tmm info tmm[23647]: Rule /Common/myrule : Org URI = /path/something
    Oct 16 17:50:33 tmm info tmm[23647]: Rule /Common/myrule : New Host = services-rp.domain.com
    Oct 16 17:50:33 tmm info tmm[23647]: Rule /Common/myrule : New URI = /path/
    Oct 16 17:50:33 tmm info tmm[23647]: Rule /Common/myrule : HTTP::header replace Host services-rp.domain.com
    Oct 16 17:50:33 tmm info tmm[23647]: Rule /Common/myrule : HTTP::uri [string map {/path/ /path/} /path/something]
    Oct 16 17:50:33 tmm info tmm[23647]: Rule /Common/myrule : HTTP::uri /path/something
    Oct 16 17:50:33 tmm info tmm[23647]: Rule /Common/myrule : pool services-rp_pool
    Oct 16 17:50:33 tmm info tmm[23647]: Rule /Common/myrule :
    Oct 16 17:50:36 tmm info tmm[23647]: Rule /Common/myrule :
    Oct 16 17:50:36 tmm info tmm[23647]: Rule /Common/myrule : Org Host = services.domain.com
    Oct 16 17:50:36 tmm info tmm[23647]: Rule /Common/myrule : Org URI = /path/Enquiry/something
    Oct 16 17:50:36 tmm info tmm[23647]: Rule /Common/myrule : New Host = services-rp.domain.com
    Oct 16 17:50:36 tmm info tmm[23647]: Rule /Common/myrule : New URI = /path/Enquiry/
    Oct 16 17:50:36 tmm info tmm[23647]: Rule /Common/myrule : HTTP::header replace Host services-rp.domain.com
    Oct 16 17:50:36 tmm info tmm[23647]: Rule /Common/myrule : HTTP::uri [string map {/path/Enquiry/ /path/Enquiry/} /path/Enquiry/something]
    Oct 16 17:50:36 tmm info tmm[23647]: Rule /Common/myrule : HTTP::uri /path/Enquiry/something
    Oct 16 17:50:36 tmm info tmm[23647]: Rule /Common/myrule : pool services-rp_pool
    Oct 16 17:50:36 tmm info tmm[23647]: Rule /Common/myrule :
    
  • Thanks nitass. What I don't understand is that this irule is to check for every data entry in the data group.

     

    After checking for the first entry, isn't the "break" command break out of the loop and stop for checking the remaining entries?
  • After checking for the first entry, isn't the "break" command break out of the loop and stop for checking the remaining entrithe break command is inside the if-clause. it will be executed if the condition matches.