V4 to v11 irule assistance required

Hi Carl,

Can you try this?

when CLIENT_ACCEPTED {
    Check if the first packet contains "test"
   if { [TCP::payload] contains "test"} {
      pool test_pool
   } elseif { [TCP::payload length] < 50 } {
       Collect at least 50 bytes.
       This triggers CLIENT_DATA when at least 50 bytes have been collected.
      TCP::collect 50
   } else {
      log "Unrecognised test discarding [IP::client_addr]"
      discard
   }
} 
when CLIENT_DATA {
   if { [TCP::payload] contains "test"} {
      pool test_pool

      Release collected data
  TCP::release
   } else {
      log "Unrecognised test discarding [IP::client_addr]"
      discard
   }
}

Aaron

Hi Aaron,

 

Thanks for the reply, could you help me understand why i need to have both client_accepted and client_data, will client_accepted not be the equivalent of the v4 irule or am i right in thinking i need the client_data to then release what was collected in the accepted.

 

 

I will test however and let you know.

 

Thanks for the help.

I think you just need this for the CLIENT_ACCEPTED event;

if { [TCP::payload length] < 50 } {
       Collect at least 50 bytes.
       This triggers CLIENT_DATA when at least 50 bytes have been collected.
      TCP::collect 50 }

When you have a TCP profile on a virtual server, CLIENT_ACCEPTED is triggered when the client establishes a connection with the virtual server. You'll have the first packet's worth of payload available in the CLIENT_ACCEPTED event. This should be more than 50 bytes. You can check how much payload there is using [TCP::payload length]. If you want to inspect more than the data available in CLIENT_ACCEPTED you can call TCP::collect X and then check [TCP::payload] in CLIENT_DATA.

 

 

Aaron