Forum Discussion

RonR10_181817's avatar
RonR10_181817
Icon for Nimbostratus rankNimbostratus
Dec 08, 2016

Brocade Stringray rule to iRule migration

Hi all - I am trying to migrate a Brocade Stingray rule to an iRule. My iRule skills are basic so any help is greatly appreciated to review my approach. This Stingray rule is configured on 2 virtual servers, "VS_port_80" and "VS_port_443". I've been searching for an equivalent F5 command for "http.changeSite", but have not been successful. There are multiple $hosts that this rules supports so I'm only including a snippet for one host.

Stingray Rule

if ($host == "gsd.test.com") {
  http.changeSite("https://" . $host);
  if ($path == "/") {
    http.setPath ("/gsd/login" . $path);
  }
  http.setResponseCookie( "sso_cust", "gsd", "domain=test.com" );
  pool.use("ldap");
}

My attempt at converting the Stingray rule as led me to split the rule into two iRules to avoid a circular reference loop.

iRule 1 applied to "VirtualServer_80" - do the http to https redirection

when HTTP_REQUEST { 
    set path [string tolower [HTTP::uri]]
    set host [string tolower [HTTP::host]]

    if {($host eq "gsd.teachscape.com") and ($path eq "/")} {
        HTTP::redirect https://$host/gsd/login/}{
        }
}                   

iRule 2 applied to "VirtualServer_443" - Set cookie and redirect to pool.

when HTTP_REQUEST {
    set path [string tolower [HTTP::uri]]
    set host [string tolower [HTTP::host]]
    set domain "domain=test.com"

    if {$host eq "gsd.test.com" }{
        if {$path contains "/gsd/login"}{
            HTTP::cookie insert name "sso_cust" value "gsd" domain $domain
            pool Test_Pool}{
        if {$path eq "/"}{      
            HTTP::redirect "/gsd/login/" }{
    }
}

Thanks in advance! Ron

1 Reply

  • Hi Ron,

    you may try the iRule below...

    HTTP iRule:

    when HTTP_REQUEST {
        if { [string tolower [HTTP::host]] equals "gsd.test.com" } then {
             Redirecting requests to http://gsd.test.com/* to https://gsd.test.com/*
            HTTP::redirect "https://[getfield [HTTP::host] ":" 1][HTTP::uri]"
        }   
    }
    

    HTTPS iRule:

    when HTTP_REQUEST {
        if { ( [string tolower [HTTP::host]] equals "gsd.test.com" ) } then {
            if { [string tolower [HTTP::path]] equals "/" } then {
                HTTP::redirect "/gsd/login"
            } else {
                pool Test_Pool
            }
            set set_sso_cust_cookie 1
        }
    }
    when HTTP_RESPONSE {
        if { [info exists set_sso_cust_cookie] } then {
            HTTP::header insert "Set-Cookie" "sso_cust=gsd;Secure;HTTPOnly;Path=/;Domain=test.com"
            unset -nocomplain set_sso_cust_cookie
        }
    }
    

    Cheers, Kai