Forum Discussion

kleis_oenema_67
Jul 06, 2007

help implementing i-rules

I just need to compose an i-rule to impose secure login. At present it works fine in a DX box from Juniper with a so-called PTC rule. The PTC rule rewrites a part of the contents. This now has to be done by a BIG-IP version 9.3x.

The first i-rule applies to http to redirect to https; this works fine.

Rule for http:

    when HTTP_REQUEST {
        # Logon requests arriving over http are redirected to https
        if { [HTTP::uri] contains "/Logon/ProcessLogon.asp?iscontained=Yes" } {
            HTTP::redirect "https://[HTTP::host][HTTP::uri]"
        } elseif { [HTTP::uri] contains "interop" } {
            pool HFM-Prod-interop
        } else {
            pool HFM-Prod
        }
    }

Rule for https:

    when HTTP_REQUEST {
        # Home page requests arriving over https are redirected back to http
        if { [HTTP::uri] contains "../home/home.asp?iscontained=Yes" } {
            HTTP::redirect "http://[HTTP::host][HTTP::uri]"
        } elseif { [HTTP::uri] contains "interop" } {
            pool HFM-Prod-interop
        } else {
            pool HFM-Prod
        }
    }

So far so good. However, the https rule should do more and replace content data.

To this rule the following should be added. I give first the PTC rule as applied in the redline:

PTC: content contains "" then replace content term ""

In the above lines the "\" are escapes for the redline to ignore the next character.

I suppose this should be used in the BIG-IP as well, for " and ( ) do have meaning in parsing.

In simple language the following should happen.

If the content contains:

""

then replace the content with:

""

In the above I took away the escapes needed for the redline.

Who can help me solve this problem?

2 Replies

  • I would apply a stream profile against your https virtual:

    
    profile stream replace_content_1 {
       defaults from stream
       source ""
       target ""
    }
  • I tried to implement the given rule but to no avail; I keep getting errors.

    Next I tried to implement the next rule, but it generates the error in the i-rule editor: "line 9: [unknown event (STREAM_MATCHED)] [when STREAM_MATCHED {"

    The rule I tried is given below.

    when HTTP_REQUEST {
    if { [HTTP::uri] contains "../home/home.asp?iscontained=Yes"} {
    HTTP::redirect "https:://[HTTP::host][HTTP::uri]"
    } elseif { [HTTP::uri] contains "interop" } {
    pool hfm-prod-interop
    } else
    {pool hfm-prod }
    }
    when STREAM_MATCHED {
    if{ [STREAM::match] contains ""} {
    STREAM::replace ""
    }
    }

    Who knows the answer?