Forum Discussion

dhaval_24359's avatar
dhaval_24359
Icon for Nimbostratus rankNimbostratus
Dec 16, 2008

event disable doesn't seem to disable Rule Processsing

 

iRule "event disable" command doesn't seem to be working as described in the documentation.

 

 

From our understanding, when "event disable" is called for a specific event, no further iRule execution occurs for that event. Below is how our iRules are setup.

 

 

We have two rules for one of our virtual servers as the image show below.

 

 

1. wwwtest

 

2. redirec_test

 

 

 

According to the documentation order the rules are configured implies their execution order, so in this case ruled named "wwwtest" would fire first, then "redirec_test", and so on.

 

 

The "wwwtest" rule is below:

 

 

when HTTP_REQUEST priority 10 {

 

if {(not ([HTTP::host] starts_with "www")) } {

 

 

HTTP::respond 301 location "http://www.[getfield [HTTP::host] : 1][HTTP::uri]"

 

event disable

 

 

}

 

}

 

What the rule does:

 

 

•The priority of the rule is set to "1" to assure that it will execute first.

 

•The rule executes during an HTTP Request.

 

•IF statement checks to see if the host name starts with "www", if not then it redirects to the name URL with the "www" in the host name.

 

•Once HTTP:respond called, it calls "event disable" to disable the HTTP Request event for this connection.

 

 

The "redirect_test" rule is below":

 

 

when HTTP_REQUEST priority 1000 {

 

 

if {([string tolower [HTTP::uri]] contains "testing")}{

 

HTTP::respond 301 Location "http://www.betacnca.com/newsletters/newsletters_2007_10/index.htm?host=[HTTP::host]"}

 

 

}

 

 

What the rule does:

 

 

•The priority of the rule is set to "1000" to assure that it will execute last

 

•The rule executes during an HTTP Request

 

•The "IF" statement checks to see if the word testing is in the URI, and if so, it redirects the person to a specific URL.

 

 

Problem:

 

 

There are three tests that I do to make sure the rules are working:

 

 

Test 1: Visit the site using: http://betacnca.com (without the "www" in the hostname")

 

 

Result: It seems like rule one, "wwwtest", executes fine, and redirects me to http://www.betacnca.com

 

 

 

Test 2: Visit the site using http://www.betacnca.com/testing (with testing in the URI)

 

 

Result: It seems like rule two, "redirect_test", executes, and redirects the user to some page defined in the Rule..

 

 

Test 3: Visit the site using http://betacnca.com/testing (without "www" and with "testing" in the URI_

 

 

Result: It seems like rule two, "redirect_test", executes and redirects the user to some page defined in the Rule.

 

 

Test 3 and the result are unexpected. I thought it would go to rule one, which test to see if "www" is in the host name. And since there isn't any, it would redirect the user to http://www.betacnca/testing. It shouldn't make it to Rule two since I disabled HTTP Request event on this connection using "event disable".

 

 

Please explain what I am doing wrong. I want it to stop at rule one, wwwtest, once it hits "event disable".

 

 

 

Dhaval Parekh

 

Application Architect

 

 

 

 

 

application delivery
dev
devops
iRules

1 Reply

Sort By
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Dec 17, 2008
    Hi Dhaval ,

    Can you add logging to the rules and post the log output? In a simple test with priority and event disable the result was okay: 

     
 rule event_disable_rule { 
    when HTTP_REQUEST priority 100 { 
       log local0. "Priority 100" 
       event disable all 
    } 
    when HTTP_REQUEST priority 200 { 
       log local0. "Priority 200" 
    } 
 } 
 

     
 rule event_disable2_rule { 
    when HTTP_REQUEST priority 201 { 
       log local0. "Priority 201" 
    } 
 }

    Log output:

    Dec 17 12:27:07 tmm tmm[1810]: Rule event_disable_rule : Priority 100

    As expected, event disable prevents the second and third log statements from executing.

    Also, you should be wary of taking any value from the host header and inserting it in a response header. This could be used in HTTP response splitting attacks (Click here).

    Aaron