Forum Discussion

Macaron's avatar
Macaron
Icon for Nimbostratus rankNimbostratus
Nov 27, 2017

iRule for no src persistance on one port else src persistence for rest of the ports

Hi guys, I have the following iRule configured to allow multiple ports on a single VIP. I need to modify this iRule so that for port 443 no source persistence and else all the remaining ports source persistence is enabled. I was wondering if it is possible with iRule or do i need to create seprate VIP with their individual ports and persistence. ?

when CLIENT_ACCEPTED {
     if { not ([TCP:local_port] eq 22 or [TCP:local_port] eq 443 or [TCP:local_port] eq 8000)} {
     drop
     }
     }

1 Reply

  • See how this works for you. The - after 22 means use the action attached to the next condition.

    when CLIENT_ACCEPTED {
        switch [TCP::local_port] {
          22 -
          8000 {}
          443 { persist none }
          default { drop }
        }
    }