What could you do with your code in 20 Lines or Less? That's the question I ask every week, and I've got more examples for you that show just how powerful iRules can be in less than 21 lines.

This week I'm still drawing from the CodeShare. My plan was to pull from the CodeShare for the first week or two until I'd depleted it of possible examples and then move on. For those of you that haven't checked how awesome the CodeShare is lately, let's just say it would take a lot more than two editions of 20LoL to burn through all of those awesome examples.

As such, next week I'll be poking around in the forums for some examples and, who knows, maybe even writing some of my own. As always, send in your example code to become one of the famous to be featured here, and I'll make sure to get you posted.

Weblogic JSessionID Persistence

Here's a solution to a question that's been asked in the forums many a time. Dealing with JSessionID is nothing new, and something many people want to know how to do. Here you can do it in less than 20 lines.

    when HTTP_REQUEST {   
       if { [HTTP::cookie exists "JSessionID"] } {   
          persist uie [HTTP::cookie "JSessionID"]   
       } else {   
          set jsess [findstr [HTTP::uri] "JSessionID" 11 ";"]   
          if { $jsess != "" } {   
             persist uie $jsess   
          }   
       }   
    }   
    when HTTP_RESPONSE {   
       if { [HTTP::cookie exists "JSessionID"] } {   
          persist add uie [HTTP::cookie "JSessionID"]  
       }   
    }

VPN Sorter

For those of you that might run multiple VPN devices in your office, here's a great way to allow users to connect to a single IP address and be sent to the appropriate pool of servers based on the relevant IP/UDP info. Not using VPN? This looks like it'd be pretty easy to port to - well - pretty much anything else that you wanted to sort into multiple pools.

when CLIENT_ACCEPTED {
  if {[IP::protocol] == 47 || [TCP::local_port] == 1723} {
    # GRE used by MS PPTP server, TCP control channel
    pool ms_pptp
  } elseif {[IP::protocol] == 50 || [IP::protocol] == 51 || [UDP::local_port] == 500}  {
    # AH and ESP used by IPSec, IKE used by IPSec
    pool ipsec_pool
  } elseif {[IP::protocol] == 115} {
    pool l2tp_pool
    # L2TP Protocol server
  }
}

Validate String Characters in a Cookie

So you're using cookies to store all that data that you're using for those awesome, powerful iRules, huh? You say you've also got a system with pretty stringent requirements that isn't very fault tolerant? Well, maybe you should think about validating the data that you're pulling in from those cookies, just to be sure you're not accepting any illegal characters. Here's an example in less than 20 lines.

when RULE_INIT {
   set ::cookie_to_validate "my_cookie"
   set ::cookie_validation_debug 1
   set ::allowed_chars_cookie_value {%[-a-zA-Z0-9_]}
}

when HTTP_REQUEST {
   if {[string length [HTTP::cookie value $::cookie_to_validate]]}{
      if {[HTTP::cookie value $::cookie_to_validate] eq [scan [HTTP::cookie value $::cookie_to_validate] $::allowed_chars_cookie_value]}{
         if {$::cookie_validation_debug} {
           log local0. "Received a request from [IP::client_addr] with legal cookie value: [HTTP::cookie value $::cookie_to_validate]"}
      } else {
         if {$::cookie_validation_debug}{
         set len [string length [scan [HTTP::cookie value $::cookie_to_validate] $::allowed_chars_cookie_value]]
         log local0. "Received a request from [IP::client_addr] with illegal cookie value: [HTTP::cookie value $::cookie_to_validate], \
            char: [string range [HTTP::cookie value $::cookie_to_validate] $len $len]"}
      }
   }
}

There you go, more examples of how great things truly can come in small packages. Next week: More iRules!

 

#Colin