Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral


Questions and Answers

Loading... Loading...

Hi 

I have a streaming enabled on one of VS running SSL. now i need to configure that VS to work on port 80 and 443 how do i disable the streaming when a client connects on port 80 and enable it when the client connects on 443

this is the I-rule 

 

when HTTP_REQUEST {
 
   STREAM::disable
   HTTP::header remove "Accept-Encoding"
}
when HTTP_RESPONSE {
 
   if {[HTTP::header value Content-Type] contains "text"}{
 
      STREAM::expression {@http://esf.mtn.co.za@https://esf.mtn.co.za@}
 
      STREAM::enable
   }
}

4 Answer(s):

Try this;

when HTTP_REQUEST {
 STREAM::disable
 HTTP::header remove "Accept-Encoding"
}

when HTTP_RESPONSE {
 if { [TCP::local_port] == 443 } {
  if { [HTTP::header value Content-Type] contains "text" } {
   STREAM::expression {@http://esf.mtn.co.za@https://esf.mtn.co.za@}
   STREAM::enable
   }
  }
 }
}
Thanks Steve as per usual your a legend...
You're welcome. Thanks
i think TCP::local_port in HTTP_REESPONSE event would return server-side's bigip port.

e.g.

[root@ve10:Active] config # b virtual bar list
virtual bar {
   snat automap
   pool foo
   destination 172.28.19.252:1234
   ip protocol 6
   rules myrule
   profiles {
      http {}
      tcp {}
   }
}
[root@ve10:Active] config # b pool foo list
pool foo {
   members 200.200.200.101:5678 {}
}
[root@ve10:Active] config # b rule myrule list
rule myrule {
   when HTTP_REQUEST {
   log local0. "--"
   log local0. "\[IP::remote_addr\] [IP::remote_addr]"
   log local0. "\[TCP::remote_port\] [TCP::remote_port]"
   log local0. "\[IP::local_addr\] [IP::local_addr]"
   log local0. "\[TCP::local_port\] [TCP::local_port]"
   log local0. "--"
}
when HTTP_RESPONSE {
   log local0. "--"
   log local0. "\[IP::remote_addr\] [IP::remote_addr]"
   log local0. "\[TCP::remote_port\] [TCP::remote_port]"
   log local0. "\[IP::local_addr\] [IP::local_addr]"
   log local0. "\[TCP::local_port\] [TCP::local_port]"
   log local0. "--"
}
}

[root@ve10:Active] config # tail -f /var/log/ltm
Feb 10 20:21:52 local/tmm info tmm[4884]: Rule myrule <HTTP_REQUEST>: --
Feb 10 20:21:52 local/tmm info tmm[4884]: Rule myrule <HTTP_REQUEST>: [IP::remote_addr] 192.168.206.31
Feb 10 20:21:52 local/tmm info tmm[4884]: Rule myrule <HTTP_REQUEST>: [TCP::remote_port] 49687
Feb 10 20:21:52 local/tmm info tmm[4884]: Rule myrule <HTTP_REQUEST>: [IP::local_addr] 172.28.19.252
Feb 10 20:21:52 local/tmm info tmm[4884]: Rule myrule <HTTP_REQUEST>: [TCP::local_port] 1234
Feb 10 20:21:52 local/tmm info tmm[4884]: Rule myrule <HTTP_REQUEST>: --
Feb 10 20:21:52 local/tmm info tmm[4884]: Rule myrule <HTTP_RESPONSE>: --
Feb 10 20:21:52 local/tmm info tmm[4884]: Rule myrule <HTTP_RESPONSE>: [IP::remote_addr] 200.200.200.101
Feb 10 20:21:52 local/tmm info tmm[4884]: Rule myrule <HTTP_RESPONSE>: [TCP::remote_port] 5678
Feb 10 20:21:52 local/tmm info tmm[4884]: Rule myrule <HTTP_RESPONSE>: [IP::local_addr] 200.200.200.10
Feb 10 20:21:52 local/tmm info tmm[4884]: Rule myrule <HTTP_RESPONSE>: [TCP::local_port] 49687
Feb 10 20:21:52 local/tmm info tmm[4884]: Rule myrule <HTTP_RESPONSE>: --

Your answer:

You must be logged in to reply. You can login here.