Writing to an external class file

Question

&nbsp; I've been able to write using the pyControl API to an internal address data group. However when I use the same syntax and substitute a datagroup that uses an external file I don't see any error messages in pyControl but the entry does not get written to the external file. I tried doing a 'b load' thinking that bipip needs to reload the external class file but that still didn't work. As far as I can tell the syntax I'm using is correct. 
&nbsp;  
&nbsp; So my question is -- is it possible to write via the API to an external class file?  
&nbsp;  
&nbsp; Here is the syntax I'm using from pyControl: 
&nbsp;  
&nbsp; First I do the write ip address 172.21.6.1 to data the group 'blacklisttest' which points to an external file in /var/class/ named 'blacklist' 
&nbsp;  
&nbsp; b.LocalLB_Class.add_address_class_member(class_members = [{'members': [{'address': '172.21.6.1', 'netmask': '25 
&nbsp; 5.255.255.255'}], 'name': 'blacklisttest'}]) 
&nbsp; Out[25]: {} 
&nbsp;  
&nbsp; When I check for the enty of 172.21.6.1 it's not there: 
&nbsp;  
&nbsp; b.LocalLB_Class.get_address_class(class_names = ['blacklisttest']) 
&nbsp; Out[26]: 
&nbsp; {'return': [{'members': [{'address': '10.1.1.1', 
&nbsp;                           'netmask': '255.255.255.255'}, 
&nbsp;                          {'address': '10.2.2.2', 
&nbsp;                           'netmask': '255.255.255.255'}], 
&nbsp;              'name': 'blacklisttest'}]} 
&nbsp;  
&nbsp; In [27]: 
&nbsp;  
&nbsp;  
&nbsp; Thank you for any help.

gerald_wegener_ · Answer

After some addtional testing I can see that the entries are being added somewhere but not to the external file. Once I do a 'b load' only the entries in the hard file remain (the ones I added via the API are gone). Is there someway to force a write to the external file?  
&nbsp;  
&nbsp; Basically what I'm trying to do is build a bot blocker to block ten of thousands discrete IPs. To reach these large numbers I needed to use and external class file. 
&nbsp;  
&nbsp; I can manually update the file on disk with new IPs and do a 'b load' to load the new file - but I'm trying to accomplish this using the API.  
&nbsp;  &nbsp;

joe_pruitt · Answer

The add_* methods are for internal data groups only, external classes are a different beast.  There only API's for external classes are to manage the creation of them.  These were really meant for larger lists that are managed off device and would be uploaded in-whole by another process. 
&nbsp;  
&nbsp; If you are dead-set on an external data group, you'll have to use the ConfigSync.download_file() method to download the data group to your client workstation and the upload_file() method to upload the new changes. 
&nbsp;  
&nbsp; Once you have modified the values of the external data group and would like to notify the iRules engine to re-read it, you can use the Class.set_external_class_file_mode() method to switch the file mode.  Switch it to a different mode than it is and then back again to the original value.  This will trigger the iRules engine to re-read the class file. 
&nbsp;  
&nbsp; If you want granular control of entries, and your lists are not very long, you might want to look at using internal classes. 
&nbsp;  
&nbsp; Hope this helps... 
&nbsp;  
&nbsp; -Joe

joe_pruitt · Answer

Oops, missed your second message.  Since you are working with a large number of entries, you'll want to go with an external class.  You can refer to my tech top on the File Transfer API's if you need to. 
&nbsp;  
&nbsp; http://devcentral.f5.com/Default.aspx?tabid=63&amp;articleType=ArticleView&amp;articleId=144 
&nbsp; Click here&nbsp; 
&nbsp;  
&nbsp; -Joe

gerald_wegener_ · Answer

&nbsp; Joe - 
&nbsp;  
&nbsp; I'm testing right now with around 50k entries so I need the external class file. I was able to load the file after addtions/deletions using 'b load'. I tried your suggestion of changing the file mode and that works as well but without reloading the entire config - which is better. It seems to work OK if even if you don't change the mode e.g. if the mode is currently rw and you add/delete an entry in the external class file then issue: 
&nbsp;   
&nbsp; "b class blacklisttest extern {filename /var/class/blacklist type ip mode rw}" 
&nbsp;  
&nbsp; it will force a read of the external class file. This is ver9.3.1. 
&nbsp;  
&nbsp; Reloading a file with that many entries will raise the CPU quite a bit while loading(on a 6800 CPU0 goes up above 50-60% on an otherwise idle box) and CPU1(TMS) bumps up a bit but not nearly as much. Is there anyway around this to limit the impact to the box when loading large files? 
&nbsp;  
&nbsp; Thanks for the tip on uploading files via the API since that was next on my list. 
&nbsp;  
&nbsp; Gerry 
&nbsp;  
&nbsp;  
&nbsp;  &nbsp;

Forum Discussion

Writing to an external class file

4 Replies

Recent Discussions

Office Online Server with SharePoint 2016

health monitor source IP address

How to target only webview rendering with CSS?

ltm policy asm_auto_l7_policy

MAC address not showing up in LLDP packet

Related Content

Hey ChatGPT, can you write iRules?

CSV to Address External Datagroup File

Ping External Class

External Data Group / Class Manipulation

External Monitor Information and Templates