Albert__Tase_70
Sep 25, 2007

Using an iRule to strip off the cookie info for security reasons

Is there a way, using an iRule, to use cookie insert but not include the pool name and IP address of the server? I know the F5 uses this info for its way of doing the persistence. I have been looking at cookie sanitize, but there is very little info on this option.

Thanks

Al Tase

4 Replies

  • Is setting cookie name in the persistence profile not enough for your use?
  • The problem is that I need to strip off the default that the F5 puts in the cookie. I do not know if applying a cookie name in the profile would do this.

    The F5 by default adds bigip pool name and address.

    I need the bigip and pool name stripped off and also the address stripped. Any ideas whether assigning the cookie name in the profile would accomplish this? That would be awesome. I will test it.

    Thanks

    Al Tase
  • So your problem isn't with the name of the cookie but the contents of it?

    I've seen some people talk about encrypting the cookie using some iRule magic, but I'm not sure if that works on the cookie used for cookie persistence profiles, but you could always switch to universal persistence and do the cookie insertion/encryption manually.
  • Deb_Allen_18
    Historic F5 Account
    You can specify an alternate persistence cookie name in the persistence profile, but you can't just remove the hash of the serverIP and port from the persistence cookie since that's what LTM uses to find the correct server.

    You can definitely encrypt the cookie value on the way out, though, and decrypt it on the way in.

    Here's a good start on that option. I think you'd just need to replace the cookie name with your persistence cookie name: http://devcentral.f5.com/wiki/default.aspx/iRules/EncryptingCookie.html

    HTH

    /deb
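
The encrypt-on-the-way-out, decrypt-on-the-way-in approach from the last reply, as an added example that is not part of the thread or of the linked wiki page. It uses the built-in `HTTP::cookie encrypt` and `HTTP::cookie decrypt` iRule commands; the cookie name and passphrase are placeholders, and it assumes the persistence cookie is visible to the iRule in `HTTP_RESPONSE` on your LTM version.

```tcl
# Added example. Cookie name and passphrase are placeholders (assumptions).
when CLIENT_ACCEPTED {
    # Name set in the cookie persistence profile, or the default
    # BIGipServer<pool name> if no alternate name was configured.
    set persist_cookie "MyPersistCookie"
    # Placeholder: use a long random passphrase, identical on every unit
    # that can receive the client's next request.
    set cookie_passphrase "REPLACE-WITH-LONG-RANDOM-PASSPHRASE"
}

when HTTP_REQUEST {
    if { [HTTP::cookie exists $persist_cookie] } {
        # Restore the original value so LTM can find the pool member.
        set decrypted [HTTP::cookie decrypt $persist_cookie $cookie_passphrase]
        if { $decrypted eq "" } {
            # Not encrypted with this passphrase (stale, plain or altered):
            # drop it so the request is load balanced like a new client.
            HTTP::cookie remove $persist_cookie
        }
    }
}

when HTTP_RESPONSE {
    # Encrypt the persistence cookie before it leaves for the client,
    # so the pool name and encoded member address are not readable.
    if { [HTTP::cookie exists $persist_cookie] } {
        HTTP::cookie encrypt $persist_cookie $cookie_passphrase
    }
}
```

After attaching the iRule to the virtual server, check a client-side response to confirm the `Set-Cookie` value no longer shows the plain persistence value, and that repeat requests still reach the same pool member.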