Forum Discussion

BaltoStar_12467's avatar
BaltoStar_12467
May 07, 2015

BIG-IP : irule class match with wildcards

F5 BIG-IP Virtual Edition v11.4.1 (Build 635.0) LTM on ESXi

Can 

[class match]
be used to match its arg against a list of strings containing wildcards ? 

[class match [string tolower [HTTP::path]] contains whitelist]

whitelist
data-group

"/default.html"
"/desert-dwellers/camel.html"
"/amphibians/*"
"/kids-favorites-*"
"/smelly/goat-*-juvenile"

So all of the following paths would match positive against 

whitelist
: 

`"default.html"
"/desert-dwellers/camel.html"
"/amphibians/platypus.html"
"/kids-favorites-1.html"
"/kids-favorites-2.html"
"/smelly/goat-billy-juvenile"
"/smelly/goat-nanny-juvenile"

If 

[class match]
data-group does not support wildcards is there another syntax possible - such as partial-matching ( left-to-right ) of any entry in the data-group ?

application delivery
class
design
devops
irule
iRules
LTM

9 Replies

Sort By
  • nitass_89166's avatar
    nitass_89166
    Icon for Noctilucent rankNoctilucent
    May 07, 2015

    Can [class match] be used to match its arg against a list of strings containing wildcards ?

    i do not think so.

    anyway, since you are using contains, why don't you remove asterisk in the data group?

    "/default.html"
"/desert-dwellers/camel.html"
"/amphibians/"
"/kids-favorites-"
    • BaltoStar_12467's avatar
      BaltoStar_12467
      May 07, 2015
      thanks nitass yes that works for data-group list items i posted - but what about "/smelly/goat-*-juvenile" or similar mid-match ?
    • nitass_89166's avatar
      nitass_89166
      Icon for Noctilucent rankNoctilucent
      May 07, 2015
      you are right. mid-match won't work. there is no simple solution yet.
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    May 07, 2015

    Can [class match] be used to match its arg against a list of strings containing wildcards ?

    i do not think so.

    anyway, since you are using contains, why don't you remove asterisk in the data group?

    "/default.html"
"/desert-dwellers/camel.html"
"/amphibians/"
"/kids-favorites-"
    • BaltoStar_12467's avatar
      BaltoStar_12467
      May 07, 2015
      thanks nitass yes that works for data-group list items i posted - but what about "/smelly/goat-*-juvenile" or similar mid-match ?
    • nitass's avatar
      nitass
      Icon for Employee rankEmployee
      May 07, 2015
      you are right. mid-match won't work. there is no simple solution yet.
  • Samir_Jha_52506's avatar
    Samir_Jha_52506
    Icon for Noctilucent rankNoctilucent
    May 07, 2015

    i do not think you need asterisk (*) in data group since you are using class match. Can you please try this. 

    whitelist
    data-group

         "/default.html"
    "/desert-dwellers/camel.html"
    "/amphibians/platypus.html"
    "/kids-favorites-1.html"
    "/kids-favorites-2.html"


    iRule

        when HTTP_REQUEST {
         if { [matchclass [HTTP::uri] starts_with whitelist] } {
            HTTP::redirect "http://www.xyz.com"
                }
            }
  • Stan_Ward's avatar
    Stan_Ward
    Icon for Altocumulus rankAltocumulus
    Aug 05, 2020

    This is an old thread, but I've encountered a similar requirement, and am considering the following.: doing a search on the data-group and iterating over the entire list. The keys would be RegEx match strings and the values would be RegEx translation strings. It means that the RegEx compare of the source URL must happen against each returned search item using a RegEx compare. It loses the benefit of the more efficient list searching of class, but still allows storing the match and translation entries in a data-group with any conceivable match or translation rule.

     

    The use case is a generic redirector with 1500+ entries, some of which have strange mapping requirements, i.e.

     

    *.domainA.com/[path1 | path2 ]/index.jsp -> *.domainB.com/path3/index.jsp

    *.domainA.com/*/index.jsp -> *.domainB.com/*/index.jsp

     

    where both the hostname and the path have mappings to be done, and we can't enumerate all the possible combinations as explicit rules (we literally don't know what values are legal). Ugly, but not very high volume; mostly used for situations where we acquired a domain and the old function has been split in to two new destinations; we expect them to bookmark the new URL once they are there.

     

    Most of the rules are not nearly that complicated, so perhaps it could be two data groups, one for the 95% case that can do a normal class match ''starts_with' or 'contains', and if that doesn't hit, search the second one for the ugly stuff. The value can be a RegEx translation string in either case; it's the wildcard source that is the problem.