Stream iRule
Hello. I am working on an iRule to solve a specific problem with a Sharepoint java script. Basically, I am doing SSL Client side termination on the Big-IP LTM 9.4.5 box. However, a few scripts loca...
Forum Discussion
Thanks Aaron,
actually, I just found out that there are some scripts involved so you never see the directory in the http request. The biggest issue here is when we use the generic streaming profile we are modifying word documents, excel, power point, etc that has http:// in it and replacing it with https://. The issue is if anything sneaks through that are links and they are not properly set to https, our redirect iRule on port 80 seems to kill it. Here is my latest thought. Enable streaming everywhere, but check if the Content-Type of the HTTP Response is either word, excel, powerpoint. if it is disable it. Here is what I have...what do you think.
when HTTP_RESPONSE {
check if the response is a word file and disable streaming.
if {[HTTP::header value Content-Type] contains "msword"}{
STREAM::disable
}
check if the response is an excel file and disable streaming.
if {[HTTP::header value Content-Type] contains "vnd.excel"}{
STREAM::disable
}
check if the response is a powerpoint file and disable streaming.
if {[HTTP::header value Content-Type] contains "ms-powerpoint"}{
STREAM::disable
}
Otherwise stream if there is an expression match for http and replace it with https.
STREAM::expression "@http://@https://@"
STREAM::enable
}
when STREAM_MATCHED {
This will log when the stream is matched. This should help with any future troubleshooting as well.
log local0. "[IP::client_addr]:[TCP::local_port]: matched: [STREAM::match], replaced with: [string map {http:// https://} [STREAM::match]]"
STREAM::replace "[string map {http:// https://} [STREAM::match]]"
}