Forum Discussion

Nimbostratus

Aug 28, 2008

can this Irule be optimized?

when HTTP_REQUEST { if { [matchclass [string tolower [HTTP::uri]] starts_with $::legacyPaths] } { checked for matchclass == legacyPaths and forward to Legacy_http_pool ...

Cirrostratus

Sep 05, 2008

Assuming the logic works for your scenario, the syntax looks fine.

 
 when HTTP_REQUEST { 
  
    if { (not [matchclass [string tolower [HTTP::uri]] starts_with $::LegacyExceptions]) and ([matchclass [string tolower [HTTP::uri]] starts_with $::LegacyPaths]) } { 
  
       checked for matchclass != exceptions and == LegacyPaths and forward to Legacy_http_pool 
       use snatpool atypon_SNAT 
       log local0. "*****DEBUG SNAT applied" 
  
       snat 172.23.0.60 
       pool Legacy_http_pool 
  
       HTTP::redirect http://www.google.com 
  
    } else { 
  
        when uri matches admin in Literatum check for source ip 
       if { [HTTP::uri] starts_with "/admin" and (not [matchclass [IP::remote_addr] equals $::Admin]) } { 
  
  Literatum path for admin uri but not internal IP 
          log local0. "External IP ([IP::remote_addr]) attempting to access admin path ([HTTP::uri])" 
          HTTP::redirect http://redirect.com/404.html 
  
       } else { 
          pool Stage_http_pool 
       } 
    } 
 }

Aaron

Forum Discussion

can this Irule be optimized?

Recent Discussions

Rundeck ansible F5 errors

What is the meaning is 52% block in WAF

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

Quick Optimizations for F5 BIG-IP Virtual Edition

Optimize Edge deployments for Secure Mesh Site Networking in Distributed Cloud

Ten Steps to iRules Optimization

Optimizing the CVE-2015-1635 iRule

SSL Profiles Part 11: TLS Optimization