Consolidate irule

Question

Hi All, On one of the VIP we have multiple irules. These irules were added on demand request from app owners and as time elapsed. we ended up with having multiple irule with multiple HTTP_REQUEST check . Due to which now we are getting lot of errors, functionality is working as of now. But support says it may not sometimes. Hence a precautionary measure, i am consolidating irules mentioned into one. Experts out there if possible help me. Below are the irules.&nbsp;Code 
Irule 1:
when HTTP_REQUEST { 
if { ([string tolower [HTTP::host]] equals "www.xyz.com") || ([string tolower [HTTP::host]] equals "originwww.xyz.com") || ([string tolower [HTTP::host]] equals "xyz.com") } {
switch -glob [string tolower [HTTP::uri]] {
"/en-12/*"
"/en-34/*"
"/en-56/*" 
"/en-78/*"
"/content/global/aa/*" -
    HTTP::redirect "https://[HTTP::host]/en/homepage.html" 
  }
  "*-country*" -
  "*-country1*" -
  "*-country2*" -
  "*-country3*" - 
  "*-country4*" -
  "*-country5*" -
  "*-country6*" -
  "*-country7*" -
  "*-country8*" -
  "*-country9*" -
  "*-country10*" -
  "*-country11*" -
  "*-country12*" -
  "*-country13*" -
  "*-country14*" -
  "*-country15*" -
  "*-country16*" -
  "*-country17*" -
  "*-country18*" -
  "*-country19*" -
  "*-country 20*"   {
  set arcom_uri [substr "[string tolower [HTTP::uri]]" 1 "/"]
    if { ($qrcom_uri contains "-") || ($qrcom_uri equals "en") }{
        log local0. "NEW: $arcom_uri"
        HTTP::redirect "http://[HTTP::host]/$arcom_uri/discover.html"
} else {
        set old_qrcom_uri [substr "[string tolower [HTTP::uri]]" 1 5]
        log local0. "OLD: $old_arcom_uri"
        HTTP::redirect "http://[HTTP::host]/$old_arcom_uri/destinations.page"
}
   }
   }
   }
   }
Code
IRULE 2
when HTTP_REQUEST {
if {[string tolower [HTTP::host]] eq "xyz.com"}{
switch -glob [string tolower [HTTP::uri]] {
"/en/*" {
   HTTP::respond 301 Location "https://www.[HTTP::host][HTTP::uri]"   
}
"/cntent/*" {
   HTTP::respond 301 Location "https://www.[HTTP::host][HTTP::uri]"   
}
"/apps/*" {
   HTTP::respond 301 Location "https://www.[HTTP::host][HTTP::uri]" 
}
"/etc/*" {
   HTTP::respond 301 Location "https://www.[HTTP::host][HTTP::uri]" 
}    
"/ar/*" {
   HTTP::respond 301 Location "https://www.[HTTP::host][HTTP::uri]"   
}
"/libs/*" {
   HTTP::respond 301 Location "https://www.[HTTP::host][HTTP::uri]"   
}
"/bin/*" {
   HTTP::respond 301 Location "https://www.[HTTP::host][HTTP::uri]"   
}
"/en-*/*" {
    HTTP::respond 301 Location "https://www.[HTTP::host][HTTP::uri]"
}

}
return
}
 switch -glob [string tolower [HTTP::uri]] {
"/en/*" {
   HTTP::respond 302 "https://[HTTP::host][HTTP::uri]"   
}
"/cntent/*" {
   HTTP::respond 302 "https://[HTTP::host][HTTP::uri]"   
}
"/apps/*" {
   HTTP::respond 302 "https://[HTTP::host][HTTP::uri]" 
}
"/etc/*" {
   HTTP::respond 302 "https://[HTTP::host][HTTP::uri]" 
}    
"/ar/*" {
   HTTP::respond 302 "https://[HTTP::host][HTTP::uri]"   
}
"/libs/*" {
   HTTP::respond 302 "https://[HTTP::host][HTTP::uri]"   
}
"/bin/*" {
   HTTP::respond 302 "https://[HTTP::host][HTTP::uri]"   
}
} }

Code
IRULE 3:
    when HTTP_REQUEST {
    if {[HTTP::header exists True-Client-IP]}{
                if {[HTTP::header exists X-Forwarded-For]}{
                            HTTP::header remove X-Forwarded-For
                            HTTP::header insert X-Forwarded-For [HTTP::header True-Client-IP]      
                } else {  
                HTTP::header insert X-Forwarded-For [HTTP::header True-Client-IP]      
                }
    } else {
                if {[HTTP::header exists X-Forwarded-For]}{
                            HTTP::header remove X-Forwarded-For
                            HTTP::header insert X-Forwarded-For [IP::client_addr]
                } else {  
                HTTP::header insert X-Forwarded-For [IP::client_addr]
                }           
    }
    }

Code 
IRULE 4:
when HTTP_REQUEST {
if { (([HTTP::host] contains "abc.com") or ([HTTP::host] contains "www.abc.com")) } {
 HTTP::redirect "https://www.xyz.com/en/Privilege-Club.html"
 }
 elseif { (([HTTP::host] equals "abc.ch") or ([HTTP::host] equals "www.abc.ch")) } {
 HTTP::respond 301 Location "http://www.xyz.com/ch"
 }
elseif { (([HTTP::host] equals "abc.ca") or ([HTTP::host] equals "www.abc.ca")) } {
 HTTP::respond 301 Location "http://www.xyz.com/qa"
 }
 }

Code
IRULE 5:
when HTTP_REQUEST {  
if {([HTTP::uri] contains "credit-card-verification.page")||([HTTP::uri] contains "facebook.page")}{
HTTP::redirect "https://[HTTP::host][HTTP::uri]"
}
}

lee_sutcliffe · Answer

Ok, this is a very rough merge of the various rules and comes with no warranties! It does not take into consideration the order the rules are executed in as I don't have visibility of this.
You could potentially merge into one iRule (using multiple HTTP_REQUEST events) and use a priority value that matches the order the iRules are applied in on the virtual server to ensure they are executed in the preferred order. 
Anyway, I've stripped out a lot of the switch statements for datagroup lookups. 
I've had a quick scan through the logic and I don't think there are any conflicts, so I'd check before trying it out. 
Also I've not tested the syntax as I've just bashed this out in a text editor but it may give you some ideas:
when HTTP_REQUEST { 
    Rule 1
    if {[class match [string tolower [HTTP::host]] equals host-dg-1]} {
        if {[class match [string tolower [HTTP::uri]] starts_with uri-dg-1]} {
            HTTP::redirect "https://[HTTP::host]/en/homepage.html" 
        }
        if {[class match [string tolower [HTTP::uri]] contains uri-dg-2]} {
            set arcom_uri [substr "[string tolower [HTTP::uri]]" 1 "/"]
            if { ($qrcom_uri contains "-") || ($qrcom_uri equals "en") }{
                log local0. "NEW: $arcom_uri"
                HTTP::redirect "http://[HTTP::host]/$arcom_uri/discover.html"
            } else {
                set old_qrcom_uri [substr "[string tolower [HTTP::uri]]" 1 5]
                log local0. "OLD: $old_arcom_uri"
                HTTP::redirect "http://[HTTP::host]/$old_arcom_uri/destinations.page"
            }   
        }
    }

Rule 2
    if {[class match [string tolower [HTTP::uri]] contains uri-dg-3]} {
        if {[string tolower [HTTP::host]] eq "xyz.com"}{
            HTTP::respond 301 Location "https://www.[HTTP::host][HTTP::uri]"  
        } else {
            HTTP::respond 302 "https://[HTTP::host][HTTP::uri]"   
        }
    }

Rule 3
    if {[HTTP::header exists True-Client-IP]} {
        if {[HTTP::header exists X-Forwarded-For]}{
            HTTP::header remove X-Forwarded-For
            HTTP::header insert X-Forwarded-For [HTTP::header True-Client-IP]      
        } else {  
            HTTP::header insert X-Forwarded-For [HTTP::header True-Client-IP]      
        }
    } else {
        if {[HTTP::header exists X-Forwarded-For]}{
            HTTP::header remove X-Forwarded-For
            HTTP::header insert X-Forwarded-For [IP::client_addr]
        } else {  
            HTTP::header insert X-Forwarded-For [IP::client_addr]
        }           
    }

Rule 4
    if { [HTTP::host] contains "abc.com" } {
        HTTP::redirect "https://www.xyz.com/en/Privilege-Club.html"
    } 
    if {([HTTP::host] equals "abc.ch") || ([HTTP::host] equals "www.abc.ch") } {
        HTTP::respond 301 Location "http://www.xyz.com/ch"
    }
    if { ([HTTP::host] equals "abc.ca") || ([HTTP::host] equals "www.abc.ca") } {
        HTTP::respond 301 Location "http://www.xyz.com/qa"
    }

Rule 5
    if {([HTTP::uri] contains "credit-card-verification.page") || ([HTTP::uri] contains "facebook.page")} {
        HTTP::redirect "https://[HTTP::host][HTTP::uri]"
    }

}
`

Data group details:

ltm data-group internal /host-dg-1{
            records {
                [www.xyz.com](//www.xyz.com) { }
                originwww.xyz.com { }
                xyz.com { }
            }
            type string
        }

`    ltm data-group internal /uri-dg-1{
        records {
            /en-12/ { }
            /en-34/ { }
            /en-56/ { }
            /en-78/ { }
            /content/global/aa/ { }
        }
        type string
    }

ltm data-group internal /uri-dg-2{
        records {
            -country { }
            -country1 { }
            -country2 { }
            -country3 { }
            -country4 { }
            -country5 { }
            -country6 { }
            -country7 { }
            -country8 { }
            -country9 { }
            -country10 { }
            -country11 { }
            -country12 { }
            -country13 { }
            -country14 { }
            -country15 { }
            -country16 { }
            -country17 { }
            -country18 { }
            -country19 { }
            -country20 { }
        }
        type string
    }

ltm data-group internal /uri-dg-3{
    records {
        /en/ { }
        /cntent/ { }
        /apps/ { }
        /etc/ { }
        /ar/ { }
        /libs/ { }
        /bin/ { }
        /en- { }
    }
    type string
}

Forum Discussion

Consolidate irule

1 Reply

Recent Discussions

Error while running ansible

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Reverse Proxy Not Behaving

Related Content

iRULE regsub error

owa iapp assign irule

Irule Trigger two times

iRule assistance for subfolder redirect

IRule to select IRule doesn't work even if the condition triggers