H_Sang_39134
Jun 11, 2014

iRule to detect url and forward port.

Hi, my main iRule uses the HTTP_REQUEST event with a switch statement to detect [HTTP::path] and then send to each pool. It works properly. Below is the workflow: front https://domain.com/path/ (443) => mid F5 SSL terminate, detect [HTTP::path], then send to IIS pool (80).

But my problem is that I need to use this iRule for a socket application with a specific port, and when the request is sent to the socket pool it does not work. Below is the flow: front https://domain.com/path/ (443) => mid F5 SSL terminate, detect [HTTP::path], then send to socket application pool (5001).

This is my iRule sample

when HTTP_REQUEST {
    switch -glob [string tolower [HTTP::path]] {
        "/fristpath/_" {
            pool fristpool
        }
        "/secpath/_" {
            pool secpool
        }
        "/socket01/*" {
            pool socket01
        }
    }
}

Pool socket01 is monitored with TCP; the node specifies port 192.168.51.10:5001 (Windows application socket program).

I tried to use

   "/socket01/*" {
   pool socket01 member 192.168.51.10 5001
   }

But it seems not to work. Please help suggest how to solve this request. Thanks so much.

6 Replies

  • bhs_114985
    Historic F5 Account

    I would stick with your first example. A couple of thoughts: What is the status of the socket01 pool? Does the server have a route back? (Should you also be using SNAT?) Are you sure 5001 isn't expecting SSL? Add some log statements to your rule so you know where you are in the rule when the request is coming in.

     

  • Thanks for your reply. This is the structure:

    - Node/pool is monitored by HTTP [port 80/5001] and the status is green.
    - Please explain more about "route back".
    - I don't enable SNAT.
    - We use the front end with HTTPS to encrypt data and don't need to register a new SSL license (shared SSL domain).

    Thanks and cheers.

     

  • bhs_114985
    Historic F5 Account

    Hello,

     

    This shouldn't be any problem at all. Thank you for sharing the architecture it really helps 🙂 Your code is good. Just add the following log statements from my example and you will see the entries in /var/log/ltm.

     

    when HTTP_REQUEST {
        log local0. "Http path equals [HTTP::path]"

        switch -glob [string tolower [HTTP::path]] {
            "/fristpath/_" {
                log local0. "http path was [HTTP::path] --> Going to fristpool"
                pool fristpool
            }
            "/secpath/_" {
                log local0. "http path was [HTTP::path] --> Going to secpool"
                pool secpool
            }
            "/socket01/*" {
                log local0. "http path was [HTTP::path] --> Going to socket01 pool"
                pool socket01
            }
        }
    }
    

    I tested most of the common variables of the URLs in your examples. Here is my log output:

     

    /Common/Redirect_Path : http path equals /                                         
    /Common/Redirect_Path : http path equals /fristpath                                
    /Common/Redirect_Path : http path equals /fristpath/_                              
    /Common/Redirect_Path : http path was /fristpath/_--> Going to fristpool           
    /Common/Redirect_Path : http path equals /secpath/                                 
    /Common/Redirect_Path : http path equals /secpath                                  
    /Common/Redirect_Path : http path equals /secpath/_                                
    /Common/Redirect_Path : http path was /secpath/_--> Going to secpool               
    /Common/Redirect_Path : http path equals /secpath/_hello                           
    /Common/Redirect_Path : http path equals /secpath/_.hello                          
    /Common/Redirect_Path : http path equals /socket01                                 
    /Common/Redirect_Path : http path equals /socket01/                                
    /Common/Redirect_Path : http path was /socket01/ --> Going to socket01 pool        
    /Common/Redirect_Path : http path equals /socket01/hello                           
    /Common/Redirect_Path : http path was /socket01/hello --> Going to socket01 pool   
         
    
  • Thank you bhs. FYI, the program was built with the C HttpListener class at the backend server.

    Right now, the iRule script is working fine and the log shows what you suggested.

    Then I installed Wireshark on the backend server, but no incoming log shows in Wireshark.

    This points to the iRule not sending the request to the backend server.

     

  • Shain_Singh_846
    Historic F5 Account

    Hi,

     

    If you are using v11.4+ then I would look into using LTM policies to achieve the desired outcome. http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-concepts-11-4-0/3.html

     

  • Dear all, this problem is resolved. Traffic from the public could not pass to the backend server because my network team made a mistake in allowing HTTP access, and this firewall was secret; I didn't know about it before.

    Thank you, everybody, and sorry for the stupid problem. Solved on 7 Sep, 2014.
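The thread's symptom (the rule logs the pool choice, yet nothing arrives at the backend) can be narrowed down from the BIG-IP side by also logging the server-side events. The following is an added example, not code posted by anyone in the thread; it reuses the `socket01` pool name from the original post and assumes the rule is attached to the same HTTP virtual server.

```tcl
# Added example: log each stage between pool selection and the
# server-side TCP connection, so a blocked path is visible in /var/log/ltm.
when HTTP_REQUEST {
    switch -glob [string tolower [HTTP::path]] {
        "/socket01/*" {
            log local0. "HTTP_REQUEST: path [HTTP::path] --> pool socket01"
            pool socket01
        }
    }
}

when LB_SELECTED {
    # A pool member has been picked; no server-side connection exists yet.
    log local0. "LB_SELECTED: client [IP::client_addr] --> [LB::server pool] member [LB::server addr]:[LB::server port]"
}

when SERVER_CONNECTED {
    # The TCP handshake to the member completed. The local address is the
    # source address the backend (and any firewall in between) will see.
    log local0. "SERVER_CONNECTED: [IP::local_addr]:[TCP::local_port] --> [IP::server_addr]:[TCP::server_port]"
}

when LB_FAILED {
    # No member was available, or the connection to the selected member
    # failed or timed out.
    log local0. "LB_FAILED: pool [LB::server pool] member [LB::server addr]:[LB::server port]"
}
```

An `LB_SELECTED` entry followed by `LB_FAILED` and no `SERVER_CONNECTED` means the routing decision was made but the connection to the member never completed, which directs the investigation to routing, SNAT or a filtering device between the BIG-IP and the member rather than to the `switch` logic.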