class command please explain??

I'll go check the wiki page and update it if necessary, but the brief explanation is:

 

 

The class command is fully functional on both internal and external data groups. The only thing that is external only is the use of the := separator to build name / value pairs inside your classes.

 

 

Colin

Hi Colin,

 

 

Is there some reason that you can't use the name / value pair using := as a separator for internal classes?

 

 

It would be nice to be able to use the -name and -value flags with the class command against internal classes.

 

 

Aaron

I think there could be a misunderstanding here. "Internal classes" refers to classes that are pre-defined on the BIG-IP, such as the class of private IP addresses. These classes do not have values, just keys ("names"). So you should be able to use the class command normally with them.

I tried testing this before, but didn't get anything back for the value using -value. If this should work for standard (non-external) classes, I'm not sure I'm configuring the class correctly. I've tried a few ways:

 
 class name_value_class { 
    { 
       "\"name1\" := \"value1\"" 
       "\"name2\" := \"value2\"" 
       "\"name3\" := \"value3\"" 
       "name4 := value4" 
       "\"name5 := value5\"" 
    } 
 } 
 

 
 when RULE_INIT { 
  
    for {set i 0} {$i < [class size name_value_class]} {incr i} { 
       log local0. "[class element -name $i name_value_class] -> [class element -value $i name_value_class]" 
    } 
 } 
 

And the log output:

: "name1" := "value1" ->

: "name2" := "value2" ->

: "name3" := "value3" ->

: name4 := value4 ->

: "name5 := value5" ->

Aaron

I've looked into this a bit more, and discovered that while this was not able to be implemented for the 10.0 timeframe, you should expect the ability to use key/value pairs in internal classes in an upcoming release.

Hi Spark,

 

 

Thanks for that. I opened C596622 for this yesterday, so maybe that wound it's way to you. If not, could you pass some info to the NSE?

 

 

Thanks,

 

Aaron

I hadn't see this yesterday, but grabbed it today. Info should be forthcoming.

Thanks Spark. I received an update today. It looks like it will possibly be supported in 10.1 (?).

 

 

Aaron

Hi Guys,

 

 

Can anyone give me an example of possible strings that could be used in the 'value' field, particularly when configuring Data Group list of type address in v10.1.0.

 

After adding my IP addresses I'm not sure what values could be used.

 

 

Any suggestions?

For all current versions, you can create an address type datagroup in the GUI under Local Traffic >> iRules >> Datagroup List tab >> Create. Select a type of 'Address' and enter the host and/or networks you want.

Optionally, in v10.1, you can add a corresponding value to the datagroup. I assume this allows you to specify an arbitrary string that the class command can return if the IP address evaluation matches. Here is a sample class as listed in the bigip.conf:

  
  class private_net {  
     {  
        host 1.1.1.1 { "test1" }  
        network 2.2.2.0/24 { "test2" }  
        network 10.0.0.0/8  
        network 172.16.0.0/12  
        network 192.168.0.0/16  
     }  
  }  
  

And here is a simple logging iRule which references the class:

  
  when RULE_INIT {  
       
     log local0. "\[class match 2.2.2.2 equals private_net\]: [class match 2.2.2.2 equals private_net]"  
     log local0. "\[class search -value private_net equals 2.2.2.2\]: [class search -value private_net equals 2.2.2.2]"  
     log local0. "\[class search -value private_net equals 2.2.2.2/24\]: [class search -value private_net equals 2.2.2.2/24]"  
  }  
  

And the log output:

Rule class_v10.1_rule : [class match 2.2.2.2 equals private_net]: 1

Rule class_v10.1_rule : [class search -value private_net equals 2.2.2.2]: test2

Rule class_v10.1_rule : [class search -value private_net equals 2.2.2.2/24]: test2

Aaron