20 Lines or Less #34 – A whole new year of iRules
What could you do with your code in 20 Lines or Less? That's the question I ask (almost) every week for the devcentral community, and every week I go looking to find cool new examples that show just how flexible and powerful iRules can be without getting in over your head.
So here we are in the future. Surely by 2010 we should have jetpacks and hover cars and personal teleporters, right? Well, technological advancements may have fallen short on some of those things promised to us time and time again by the world of sci-fi, but advancements there have been. After 100+ examples of iRules in 20 Lines or Less I’m continually impressed by what people can come up with to accomplish in a few lines of code. With new versions, new commands and a continually growing community, I have nothing but high hopes for the 20LoL and the DC community in general in twenty-ten.
With that, let’s dig into a few of the first iRule examples to be shown off this decade.
Load balanced Redirection
http://devcentral.f5.com/s/Default.aspx?tabid=53&forumid=5&postid=814405&view=topic
In this example Aaron shows up my simple little outline of a rule with his more thought out logic. Showing you how you might load balance to a pair of redirects rather than actual pools or nodes, he even shows you how to make sure that you aren’t redirecting to a downed location by making use of the LTM’s built-in features. Very cool.
when HTTP_REQUEST {
# For a load balancing selection from the VIPs default pool
# This assumes you've set the pool's load balancing algorithm to round robin
switch [LB::select] {
"1.1.1.1" {
# Send client a 302 redirect with the hostname which corresponds to the 1.1.1.1 server IP
HTTP::respond 302 Location "http://firsthost.domain.com" Cache-Control No-Cache Pragma No-Cache
}
"2.2.2.2" {
# Send client a 302 redirect with the hostname which corresponds to the 2.2.2.2 server IP
HTTP::respond 302 Location "http://secondhost.domain.com" Cache-Control No-Cache Pragma No-Cache
}
default {
# Take some default action if both servers are marked down?
}
}
}
Terminate TCP Sessions
http://devcentral.f5.com/s/Default.aspx?tabid=53&forumid=5&postid=814016&view=topic
In this extremely cool example we get a peek at how user millencol1n uses an iRule to fire Bigpipe commands. By logging a particular string, then having his system fire a command based on that particular string when it’s found in the log, he’s able to effectively have his iRule firing off Bigpipe commands to clean his TCP sessions. That’s some neat stuff. Thanks for the example.
when RULE_INIT {
set ::count 0
}
when CLIENT_ACCEPTED {
if { [active_members pool_a] > 0 } {
pool pool_a
log local0. "primary active"
if { $::count == 1 } {
log "clean sessions"
set ::count 0 }
} else {
pool pool_b
log local0. "secondary active"
set ::count 1
}
}
when LB_FAILED {
pool pool_b
set ::count 1
log local0. "Selected member: [LB::server addr]"
}
Restricting browser types
http://devcentral.f5.com/s/Default.aspx?tabid=53&forumid=5&postid=814336&view=topic
This example shows us how one could easily limit users to a particular user agent, which generally translates into a given browser type for those non-spoofing types. If your application only works in IE or you only want users with FireFox accessing certain sections of your site, this simple little snippet will get you where you need to go.
when HTTP_REQUEST {
# Check if the UA header does not contain MSIE
if { not ([HTTP::header "User-Agent"] contains "MSIE") } {
# Send an HTTP response indicating the UA isn't allowed?
HTTP::respond 200 content {your browser isn't allowed} }
}
I hope you had a great year last year and I’m looking forward to an even better one this year. As always all questions, comments & feedback are welcomed. Until next time, keep those examples coming and keep iRuling.
#Colin