Forum Discussion

Tejaswini23_356's avatar
Tejaswini23_356
Icon for Nimbostratus rankNimbostratus
Apr 13, 2018

Irule needed to AccessFromInternetUsingWebRewriteEngine

We had a sample irule which was applied 2 yrs ago on another load balancer but right now external user is not able to access sapkpp-db.ca.net as it is only internal application so we wanted to apply an irule when ever user tries to access sapkpp-db.ca.net it should replace with s2.com. Below irule is complex and also wasn't working, the whole application was not working when applied, please suggest me a good irule to apply in this scenario

when HTTP_REQUEST { log "request Xf5refererhost [HTTP::header value "Host"]" set Xf5refererhost [HTTP::header value "Host"] if { [HTTP::header exists "Accept-encoding"] } { Accept-encoding: gzip, deflate HTTP::header replace "Accept-encoding" "text/plain" } else { HTTP::header insert "Accept-encoding" "text/plain" }

if { [HTTP::header exists "Connection"] } { Connection: Close HTTP::header replace "Connection" "Close" } else { HTTP::header insert "Connection" "Close" }

if {[string tolower [HTTP::host]] contains "sapkpp-db.ca.net"} { log "http_request sapkpp-rewrite 004 - [HTTP::uri]" HTTP::redirect "http://s2.com[HTTP::uri]" } }

when HTTP_RESPONSE { log "HTTP_RESPONSE sapkpp-db" log "response $Xf5refererhost" HTTP::header insert "X-f5-referer-host" "$Xf5refererhost" HTTP::header insert "X-F5lan-rewriter" "sapkpp-response" if { [HTTP::is_redirect] }{ HTTP::header replace Location [string map -nocase {"sapkpp-db.ca.net" "s2.com"} [HTTP::header value Location]] }

if {[HTTP::status] == 200}{

log "HTTP_RESPONSE sapkpp-db http: 200 - content: $content_length"
HTTP::collect [HTTP::header value "Content-Length"]
set content_length [HTTP::header value "Content-Length"]


if { [HTTP::header exists "Connection"] } {
  HTTP::header replace "Connection" "Close"
} else {
  HTTP::header insert "Connection" "Close"
}

if { [HTTP::header value "Host"] equals "sapkpp-db.ca.net"}{
     HTTP::header replace Host "s2.com"
}

} }

when HTTP_RESPONSE_DATA { set ctype [string tolower [HTTP::header value "Content-Type" ]] only touch body if it is ascii text/plain or ascii text/html... if { ($ctype contains "text/plain") || ($ctype contains "text/html") } { log "HTTP_RESPONSE_DATA sapkpp-db - content: $content_length" log "HTTP_RESPONSE_DATA sapkpp-db - text/plain" set pload [HTTP::payload] log "HTTP_RESPONSE_DATA content_length: $content_length - pload: $pload" set pload [string map -nocase {"sapkpp-db.ca.net" "s2.com"}$pload]

 log "HTTP_RESPONSE_DATA content: $collected - pload: $pload"
 log "headers: HTTP::header names"

if { $content_length > 0 } {
   for unchunked data, calculate remaining length & re-collect if necessary
   The HTTP_RESPONSE_DATA event will be triggered again when each collection is complete
  set collected [expr {$collected + $content_length}]
  set remaining [expr {$content_length - $collected}]
  if { $remaining > 0 } {
    if { $remaining < $content_length } {
      set content_length $remaining
    }
    HTTP::collect $content_length
  }
} else {
   chunked responses data, continue collecting in 1MB chunks.  Watch for hanging responses here.
   The HTTP_RESPONSE_DATA event will be triggered again when each collection is complete
  HTTP::collect $content_length
  set content_lenght $content_length
}
set sizepload [string length $pload]
HTTP::header insert "X-F5lan-rewriter-payload-rewritten-size" "$sizepload"
HTTP::header insert "X-F5lan-rewriter-payload-rewritten-size" "$content_length"
HTTP::header insert "X-F5lan-rewriter-payload-rewritten-size" "$collected"
HTTP::header insert "X-F5lan-rewriter-payload-size" [HTTP::payload length]
HTTP::payload replace 0 [HTTP::payload length] $pload
HTTP::release

} }