Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral


Questions and Answers

Loading... Loading...

Hi

I made an iRule to intercept flash client requests for the crossdomain.xml file, and masked it with another xml. This all works fine with HTTP request, but when trying to add the iRule to another virtual server using HTTPS and SSL offloading i get the following:

01070394:3: HTTP_REQUEST event in rule (faceme_set_crossdomain) requires an associated HTTP or FASTHTTP profile on the virtual server (vs_dev_faceme_rtmp).

I'm a bit of a newb so please be gentle, but any help would be appreciated.

I also tried, setting an HTTP Profile in the virtual server but, client requests seemed to fall into a hole.

 


8 Answer(s):

Hey Steve. There's no reason the iRule shouldn't work on a SSL terminating standard Virtual Server. Two questions;

1) Are there other iRules assigned to the SSL VS?
2) Could you post the VS configuration from the CLI: tmsh list ltm virtual 'name'

Thanks Steve for your quick reply, there are no other iRules assigned to the SSL VS, and here's the VS info:

 

ltm virtual vs_dev_faceme_rtmp {
    destination 123.100.113.198:https
    ip-protocol tcp
    mask 255.255.255.255
    pool dev_rtmp
    profiles {
        dev_stream1_ssl {
            context clientside
        }
        tcp { }
    }
}
 
i do not think http profile is applicable.

Real Time Messaging Protocol
http://en.wikipedia.org/wiki/Real_Time_Messaging_Protocol
Is the Virtual handling RTMP traffic rather than HTTP?
Hi Yeah the rtmp session is wrapped in an ssl session actually. We are using the rtmps protocol.
OK, in which case you'll not be able to use HTTP related events. Perhaps you can post the code (suitably secured) and we can find a different way?
Here's the iRule (no problem with it being unsecured):

when HTTP_REQUEST {
log local0.info "GOT REQUEST"

set crossdomain {






}

if { [HTTP::path] equals "/crossdomain.xml"} {

log local0.info "CAUGHT CROSSDOMAIN REQUEST"
HTTP::respond 200 content $crossdomain
HTTP::release

} else {

log local0.info "MOVING ON"

return

}

}
OK, so as I said, we can't use the HTTP events. Would you be able to do a tcpdump to see what the request for this resource actually looks like please? We could then probably search for it and use TCP::respond to send the response. Shame there's no built in support for RTMP.

Your answer:

You must be logged in to reply. You can login here.