Charlie_Watts_1
Aug 04, 2008

Strip Parity before Matching?

We are currently evaluating Web Application Firewall products.

One of the issues we have recently discovered is that some of our applications can optionally support "Even Parity" for posted requests.

Can the BIG-IP ASM module be configured to decode/strip out parity before performing analysis on the encoded data?

Thank you.

4 Replies

  • Can you explain how parity would be used in an HTTP POST request for error checking? I thought parity checking would only be used in lower level scenarios like reading from memory or disk.

    You should be able to decode/modify the payload using an iRule. If you have more detail on what you're trying to do, we can provide more detailed suggestions.

    Thanks,
    Aaron
  • I know it seems a bit ridiculous, and I completely agree - but this is for a couple of payment processing protocols that haven't grown up much over the years.

    It made sense to use parity with dial-up connections. Rather than cease using parity bits when IP & TCP & HTTP came into play, they just tunnel the old protocols inside the new ones. (Some of these protocols still do ENQ/ACK/BEL/NAK as well.)

    My application understands parity if it is present, but does not require it to be.

    In the F5 I don't need to validate that parity is correct, I just want to strip off the high bit of each byte before performing any of the Application Security checks. If I can AND each byte with 01111111 before performing the rest of the analysis ...

    Could you point me in the right direction to do this?

    Thank you very much.
  • So you'd want to perform a bitwise AND operation against every byte of the TCP payload before the TCP is parsed as HTTP and validated by ASM? I'm having a hard time imagining how this would work.

    Aaron
  • I think essentially so, yes. This is my network to protect, but I can't specify what languages or protocols the clients and applications use. :-/

    Any other ideas? Even though I'm in the minority, it's very frustrating that the protection appliances don't grok the same content encoding that the applications do.
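
The normalization asked for in this thread (AND each byte with 01111111 before the security checks run), as an added Python example that is not from any poster or from F5. The function names, the signature list and the sample body are constructed for illustration, and it assumes the inspector is handed the raw body bytes.

```python
"""Strip optional even parity from a body before signature inspection."""

def _odd_ones(b: int) -> bool:
    """True if the byte has an odd number of 1 bits."""
    return bin(b).count("1") % 2 == 1

def add_even_parity(data: bytes) -> bytes:
    """Set bit 7 where needed so every byte carries an even number of 1 bits."""
    if any(b > 0x7F for b in data):
        raise ValueError("even parity only applies to 7-bit input")
    return bytes(b | 0x80 if _odd_ones(b) else b for b in data)

def strip_parity(data: bytes) -> bytes:
    """Clear the high bit of every byte (b AND 01111111), without validating it."""
    return bytes(b & 0x7F for b in data)

def looks_even_parity(data: bytes) -> bool:
    """Heuristic: some high bit is set and every byte has even parity."""
    return any(b & 0x80 for b in data) and not any(_odd_ones(b) for b in data)

# Hypothetical patterns standing in for an inspection engine's checks.
SIGNATURES = [b"<script", b"' or '1'='1"]

# Constructed sample body, 7-bit ASCII.
SAMPLE = b"MSG=<script>alert(1)</script>"

def inspect(body: bytes, normalize: bool) -> list:
    """Return the signatures found, optionally stripping parity first."""
    view = body
    if normalize and looks_even_parity(body):
        view = strip_parity(body)
    view = view.lower()
    return [sig for sig in SIGNATURES if sig in view]

if __name__ == "__main__":
    encoded = add_even_parity(SAMPLE)
    print("on the wire :", encoded.hex(" "))
    print("raw match   :", inspect(encoded, normalize=False))
    print("normalized  :", inspect(encoded, normalize=True))
```

The parity test is only a heuristic: some 8-bit content also has even parity in every byte, so enabling the stripping per endpoint known to speak these protocols is safer than auto-detecting it everywhere.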