moving redirects from server to F5 irule

Question

I have been tasked with putting irule on F5 which should do what the server does for redirects. Conditions from 80 to 443 or from 443 to 80 
&nbsp; How would this translate into f5 lingo? 
&nbsp; anything to get me rolling is much appreciated!!! 
&nbsp;  
&nbsp; if hitting the VIP on port 443: 
&nbsp; code from web server: 
&nbsp; RewriteCond %{SERVER_PORT} =443 
&nbsp; RewriteCond %{REQUEST_METHOD} !^POST$ 
&nbsp; RewriteCond %{REQUEST_URI} /DealerNetwork/(.*)\.do(.*) [OR] 
&nbsp; RewriteCond %{REQUEST_URI} /DealerNetwork/category/(.*) 
&nbsp; RewriteCond %{THE_REQUEST} /DealerNetwork/login.do(.*)logout [OR] 
&nbsp; RewriteCond %{REQUEST_URI} !/DealerNetwork/login.do(.*) 
&nbsp; RewriteCond %{REQUEST_URI} !/DealerNetwork/registration.do(.*) 
&nbsp; RewriteCond %{REQUEST_URI} !/DealerNetwork/forgotPasswd.do(.*) 
&nbsp; RewriteCond %{REQUEST_URI} !/DealerNetwork/showProfile.do(.*) 
&nbsp; RewriteRule ^/(.*) http://%{SERVER_NAME}/$1 [R,L] 
&nbsp;  
&nbsp;  Login, profile and registration pages should be secure. Logout is an exception 
&nbsp; of login.do: 
&nbsp; RewriteCond %{HTTPS} =off 
&nbsp; RewriteCond %{SERVER_PORT} =80 
&nbsp; RewriteCond %{REQUEST_METHOD} !^POST$ 
&nbsp; RewriteCond %{THE_REQUEST} !/DealerNetwork/login.do(.*)logout 
&nbsp; RewriteCond %{REQUEST_URI} /DealerNetwork/login.do(.*) [OR] 
&nbsp; RewriteCond %{REQUEST_URI} /DealerNetwork/registration.do(.*) [OR] 
&nbsp; RewriteCond %{REQUEST_URI} /DealerNetwork/forgotPasswd.do(.*) [OR] 
&nbsp; RewriteCond %{REQUEST_URI} /DealerNetwork/showProfile.do(.*) 
&nbsp; RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L] 
&nbsp;  
&nbsp; anything to get me rolling is much appreciated!!!

the_bhattman · Answer

To handle redirects there are a number of ways to handle this. 
  
 One example is the following

when HTTP_REQUEST {  
  if { ([HTTP::host] eq "www.something.com") and ([TCP::local_port] eq "80") and ([HTTP::method] eq "POST"}) } {  
  switch -glob [HTTP::uri] {  
  "/DealerNetwork/login*" - 
  "/DealerNetwork/registration.do*" -  
  "/DealerNetwork/forgotPasswd.do*" -  
  "/DealerNetwork/showProfile.do*"  
  { 
  HTTP::redirect "https://[HTTP::host][HTTP::uri]" 
  } 
  } 
  } 
  }

In regards to the https to HTTP. You would need to make the SSL Cert is with the LTM otherwise it won't decrypt 
 the traffic for you to use the irule similiar to above. 
  
 Of course this is just a example. 
  
 I hope this helps 
  
 CB

jace_45978 · Answer

thanks yes I believe this will get me going... for https to http we will be loading the CERT onto the LTM I will be testing with this soon. 
&nbsp; thanks &nbsp;

hooleylist · Answer

More generally, here are a few commands which correspond to the values you had in the apache rewrite rules: 
&nbsp;  
&nbsp; SERVER_PORT[TCP::local_port] (Click here) 
&nbsp; REQUEST_METHOD[HTTP::method] (Click here) 
&nbsp; REQUEST_URI[HTTP::uri] (Click here) 
&nbsp;  
&nbsp; Also, to get the path of the URI (URI minus query string), you can use [HTTP::path] (Click here). 
&nbsp;  
&nbsp; Aaron

jace_45978 · Answer

Thanks! This worked like a charm....

Forum Discussion

moving redirects from server to F5 irule

4 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Moving from Viprion to rseries

Anchor Link Redirect

Shape Security and Volterra moving to F5 Distributed Cloud Services

Moving Target

Server Profile SNI