Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

Stream command

Hi,

I'm trying to write an irule in order to replace any content starting with /path and replace it to /real/path (path is the same, only the beginning must change. The one I made was:


when HTTP_RESPONSE {

STREAM::disable

if {[HTTP::header value Content-Type] contains "text"} {
STREAM::expression {@path@real\/path@}
STREAM::enable
}
}

But it doesn't properly work, as replace other content that I don't need to be replaced.

Can anyone help me? <img src=/DesktopModules/NTForums/themes/DC4/emoticons/sad.gif width=20 height=20>
0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
What is the string you're trying to match and what is it errantly matching? Could you use an expression like:

{@/path/@/real/path/@}

Aaron
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
Hi,
I already tried it, but doesnt work with all the contents, like this:
The frame name has the same name as the path and change it too.
The irule i used:
 
when HTTP_RESPONSE {
STREAM::disable
if {[HTTP::header "Content-Type"] contains "text"}{
STREAM::expression {@/nilo/@/sdr/nilo/@}
STREAM::enable
}
}

And now what it makes with some parts of the contents.
original:
<frame name="otra_nilo" src="/nilo/SvtMontarPaginaComun?clase=menu.AccMenuInicio" >
modified:
<frame name="otra_sdr\nilo" src="/sdr\nilo/SvtMontarPaginaComun?clase=menu.AccMenuInicio" >
I have no idea how to fix it
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
If you make the string to replace /nilo/ it shouldn't match "otra_nilo". The sample output you listed shows sdr being replaced with sdr\. The stream expression I suggested was {@/nilo/@/sdr/nilo/@}. That replacement shouldn't have been made with this stream expression.

Can you retest with {@/nilo/@/sdr/nilo/@} and reply with the HTML output?

Thanks,
Aaron
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
Hi,
Right now I can't check it again as I'm out of the office. Anyway I think it'll be better if you know why I need it and the context and tomorrow I'll try it again. Hope I explain it good enough:

The users connect to a proxy server using an uri like https://10.0.0.0/sdr/nilo/..... that proxy server only makes the authentication and then send traffic to the Big-ip with an uri like http://10.0.0.10/nilo/.... and then send to the app web server pool.

Due to the way that the application was made a few years ago and that the proxy server can't be modified in a short period of time, we need to make the app works modifying the f5.
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
Hi again,

I applied the irule again and tried it but now i checked that when the server set a coookie, then the answers from the f5 doesn't forward the set cookie. Here you have the headers.

GET /sdr/nilo/SvtMontarPaginaComun?clase=login.AccLogin HTTP/1.1 
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: es-es
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)
Host: certfeg.infraestructuras
Connection: Keep-Alive
Authorization: Basic xxxxxxxxxxxxxxxx

HTTP/1.1 200 OK
Server: Sun-Java-System-Application-Server/7 2004Q2
Date: Thu, 09 Jul 2009 06:00:14 GMT
Content-type: text/html;charset=ISO-8859-1
Set-cookie: JSESSIONID=5e1908ee7dfd0121904f839c86f37;Path=/nilo
Transfer-encoding: chunked
Via: 1.1 S1PS


but in the next get, I don't have the cookie:

GET /sdr/nilo/SvtMontarPaginaComun?clase=base.AccCargarPaginaJsp&jspDestino=/jsp/cabecera.jsp HTTP/1.1 
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Referer: https://certfeg.infraestructuras/sdr/nilo/SvtMontarPaginaComun?clase=login.AccLogin
Accept-Language: es-es
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)
Host: certfeg.infraestructuras
Connection: Keep-Alive
Authorization: Basic xxxxxxxxxxxxxxxx
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
The stream profile won't modify the HTTP headers if you have an HTTP profile associated with the virtual server. The issue you're seeing is due to the fact that the application sets the JSESSIONID cookie with a path of /nilo. But the client isn't making a request to a path that starts with /nilo, so it doesn't send the JSESSIONID cookie in the request. You can use HTTP::cookie path (Click here) to rewrite the path on the JSESSIONID cookie. It would probably be safe to rewrite it to / so the client sends the cookie regardless of which path is being requested. You could potentially change this in the application as well.

Aaron
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
I think I must change the path in both, request and response, but now I'm a bit lost with the way to do it :/
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
The path and other cookie attributes are only sent in the server response--not in client requests. So you'd only need to update the path on responses. You could do something like this:

 
when HTTP_RESPONSE {

# Check if JSESSIONID cookie exists
if {[HTTP::cookie exists JSESSIONID]}{

# Set the path on the cookie to / so the client will send the cookie in requests for any path
HTTP::cookie path JSESSIONID "/"
}

# Check if the response is text
if {[HTTP::header value Content-Type] contains "text"} {

# Set the replacement
STREAM::expression {@/nilo/@/sdr/nilo/@}
STREAM::enable
} else {
# Response isn't text, so disable the stream filter
STREAM::disable
}
}


Aaron
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
Hi, really thanks for your help.

As the VS is used for several apps sharing part of the uri /sdr/*, I wonder how I can apply this configuration only to the app I need, I tried using several things , but I can't figure how to check it.

Really thanks for your help.
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
Do any others use the JSESSIONID cookie name? Is there something in the request or response you use to differentiate between different apps? Is the hostname different? Are the URIs different?

Aaron
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
Yes, some of them use the JSESSIONID and the use differents URIs when arrived to the Big-ip:

we use another irule to check the uri and send the traffic to the correct pool


when HTTP_REQUEST {
if {[HTTP::uri] starts_with "/app1"} {
pool pool_app1
}
else {
if {[HTTP::uri] starts_with "/app2"} {
pool pool_app2
}
else {
if {[HTTP::uri] starts_with "/app3"} {
pool pool_app3
}
else {
if {[HTTP::uri] starts_with "/app4"} {
pool pool_app4
}
else {
pool pool_app5
}
}
}
}
}
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
If you only want to rewrite the response headers and data for one app, you could combine the two iRules:

 
when HTTP_REQUEST {

# Initialize a variable to track whether to rewrite the response headers/content
set check_response 0

# Select pool based on requested path
switch -glob [HTTP::path] {

"/app1*" {

# Track that we'll rewrite the response headers and possibly the payload for this app
set check_response 1

pool app1_pool
}
"/app2*" {
pool app2_pool
}
"/app3*" {
pool app3_pool
}
"/app4*" {
pool app4_pool
}
default {
pool app5_pool
}
}
}
when HTTP_RESPONSE {

# Check if we're potentially rewriting the response headers/payload for this app
if {$check_response}{

# Check if JSESSIONID cookie exists
if {[HTTP::cookie exists JSESSIONID]}{

# Set the path on the cookie to / so the client will send the cookie in requests for any path
HTTP::cookie path JSESSIONID "/app1"
}

# Check if the response is text
if {[HTTP::header value Content-Type] contains "text"} {

# Set the replacement text and enable the stream filter
STREAM::expression {@/nilo/@/sdr/nilo/@}
STREAM::enable

} else {
# Response isn't text, so disable the stream filter
STREAM::disable
}
}
}


Aaron
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
We are using a few more irules in the same VS, so right now we want to keep the pool selection and the actions taking in order to fix some problems in differents iRules. Anyway I'll use the global pool selection you wrote to replace with the "bad" irule we are using.

I used thin irule to make the same, is it correct?:

 
when HTTP_REQUEST {

# Initialize a variable to track whether to rewrite the response headers/content
set check_response 0

# Check if the path is correct
if {[HTTP::uri] starts_with "/nilo"} {
# Track that we'll rewrite the response headers and possibly the payload for this app
set check_response 1
}
}
when HTTP_RESPONSE {

# Check if we're potentially rewriting the response headers/payload for this app
if {$check_response}{

# Check if JSESSIONID cookie exists
if {[HTTP::cookie exists JSESSIONID]}{

# Set the path on the cookie to /sdr/nilo so the client will send the cookie in requests for any path
HTTP::cookie path JSESSIONID "/sdr/nilo"
}

# Check if the response is text
if {[HTTP::header value Content-Type] contains "text"} {

# Set the replacement text and enable the stream filter
STREAM::expression {@/nilo/@/sdr/nilo/@}
STREAM::enable

} else {
# Response isn't text, so disable the stream filter
STREAM::disable
}
}
}
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
That looks good. Does it work?

Aaron
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
yes, at least in the big-ip i'm using to test, it works

Really thanks for your help.
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
No problem. Glad you were able to solve the issue.

Aaron
0