Forum Discussion

assaf_benedic_1's avatar
assaf_benedic_1
Icon for Nimbostratus rankNimbostratus
Aug 31, 2006

Identify HTTP requests in TCP traffic

Is it possible to redirect HTTP traffic that is not sent on port 80?

 

 

I other words, can I create an iRule that will analyze all TCP traffic and will redirect only traffic that has HTTP syntax?

 

E,g, http on ports 5674, 4444, 8080 (without creating a special virtual server for these ports).

 

 

 

BTW: can I use the HTTP:: iRules Booleans on HTTP in other ports (not 80) ? what happens if I apply an iRule like that on non HTTP traffic?

 

 

 

Thanks in advance,

 

 

Assaf.

 

 

 

application delivery
dev
devops
iRules

2 Replies

Sort By
  • dennypayne's avatar
    dennypayne
    Icon for Employee rankEmployee
    Aug 31, 2006
    If you don't create a virtual for those ports LTM will reject the traffic (unless you have a port 0 virtual which is often not ideal).

    You could use something similar to this (from the example in the wiki on TCP::payload) on a port 0 virtual though:

    
when CLIENT_ACCEPTED {
  TCP::collect 15
}
when CLIENT_DATA {
  if { [TCP::payload 15] contains "XYZ" } {
     pool xyz_servers
  } else {
     pool web_servers
 }
}

    where "XYZ" would be some sort of identifier for HTTP syntax and the xyz_servers pool was a redirect page.

    BUT, since HTTP::redirect can't be called from CLIENT_DATA and TCP::payload can't be called from HTTP_REQUEST I'm not sure how to cohesively merge the 2 functions...

    Denny
  • unRuleY_95363's avatar
    unRuleY_95363
    Historic F5 Account
    Aug 31, 2006
    There's nothing that prevents you from putting an http profile on any virtual. So, you would want to put an http profile on your virtual. Then you would do a rule like Denny previously posted, except when the payload does not contain a valid HTTP-like method, you could issue the command HTTP::disable which will take the http processing offline and allow the non-http traffic to proceed to wherever you declared it to go.