Forum Discussion

Akhilesh_128432
Mar 06, 2016

My F5 iRule - Need some help

Below is some of the content of our HTTP body. We are trying to parse and filter out the auth token from the HTTP response for persistence. We have added the below iRule.

 

{"username":"XStore24User","authToken":"87cd528d-fa28-43f7-b11c-c9bed53d0e4b","validityPeriod":3600000,"clientId":"phonetop-device","clientHost":"10.80.15.42","clientAddress":"10.80.15.42","creationTimestamp":1456550435252,"logConfig":{"clientId":"phonetop-

 

when HTTP_RESPONSE {
    # trigger collection for up to 1MB of data
    if {([HTTP::header exists "Content-Length"]) && ([HTTP::header "Content-Length"] <= 1000000)} {
        set content_length [HTTP::header "Content-Length"]
    } else {
        set content_length 1000000
    }
    HTTP::collect $content_length
}

when HTTP_RESPONSE_DATA {
    # "authToken" plus the following quote, colon and quote is 12 characters; the token itself is 36
    if {[HTTP::payload] contains "authToken"} {
        set authToken [findstr [HTTP::payload] "authToken" 12 "36"]
        persist add uie $authToken
    }
    HTTP::release
}

 

Now I am able to extract the 1MB data, but after collecting it, it's not able to read the payload and extract my authToken.

I put some print message to see if I can list some payload data, but it shows some content in binary format in /var/log/ltm. I tried with content length as 100 and still got the same error.

Could you please let me know if there is anything I am missing in my iRule?

 

Thanks, Akhi

 

13 Replies

  • I put some print message to see if I can list some payload data, but it shows some content in binary format in /var/log/ltm.

     

    did you remove accept-encoding header in request?

     

    • Akhilesh_128432
      No, I didn't. I am not that much aware of that. Is it something like this below?

      when HTTP_REQUEST {
          if {[HTTP::header exist "Accept-Encoding"]} {
              HTTP::header remove "Accept-Encoding" ""
          }
      }
  • is this something below like this,

     

    when HTTP_REQUEST { if {[HTTP::header exist "Accept-Encoding"]} { HTTP::header remove "Accept-Encoding" "" } }

     

    you can just remove it (no need to check if header exists before).

     

    another way is to use header-erase setting in http profile.

     

    • Akhilesh_128432
      Thanks for your quick response. I have updated those entries in my iRule, pasting below. Could you please confirm?

      when HTTP_RESPONSE {
          if {[HTTP::header exist "Accept-Encoding"]} {
              HTTP::header remove "Accept-Encoding" ""
          }
      }

      when HTTP_RESPONSE {
          # trigger collection for up to 1MB of data
          if {([HTTP::header exists "Content-Length"]) && ([HTTP::header "Content-Length"] <= 1000000)} {
              set content_length [HTTP::header "Content-Length"]
          } else {
              set content_length 1000000
          }
          HTTP::collect $content_length
      }

      when HTTP_RESPONSE_DATA {
          if {[HTTP::payload] contains "authToken"} {
              set authToken [findstr [HTTP::payload] "authToken" 12 "36"]
              persist add uie $authToken
          }
          HTTP::release
      }

      Also, could you please share a couple of DevCentral articles on configuring the erase setting in the HTTP profile?

      Thanks, Akhi
  • I have updated those entries in my Irule. pasting below. Could you please confirm.

    it is in request (not response).

    Also could you please share couple of dev central article to configure erase setting in HTTP Profile.

    Content erasure from HTTP headers
    
    You can configure a profile to erase the contents of a header from an HTTP request that is being sent from a client to a server. With this feature, you can erase header content from HTTP requests before forwarding the requests over the network. Such headers might contain sensitive information, such as user IDs or telephone numbers, that must be erased before the information is forwarded.
    
    When you use this setting, the BIG-IP system erases the contents of the specified header and replaces that content with blank spaces. The header itself is retained.
    
    Note: This feature does not apply to HTTP responses being sent from a server to a client.
    
    The client header with the contents to be erased must be specified as a quoted string.
    

    Content erasure from HTTP headers

    https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-profiles-reference-11-6-0/2.html
    • Akhilesh_128432
      But I am doing a persistence from HTTP response and not from HTTP header, so do I need to remove the encoding from HTTP_response then?
  • But I am doing a persistence from HTTP response and not from HTTP header, so do I need to remove the encoding from HTTP_response then?

     

    accept-encoding header in request is used to tell server that client can accept compressed content. removing the header will make server send uncompressed content, so you will be able to parse it.

     

    How To Optimize Your Site With GZIP Compression

     

    http://betterexplained.com/articles/how-to-optimize-your-site-with-gzip-compression/
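
A consolidated version of the rule with the request-side change described in this reply, as an added example that is not code from any participant in the thread. The `Content-Encoding` check, the quote-terminated `findstr` and the UUID format check are additions; the format check assumes the token always looks like the sample value in the question.

```tcl
when HTTP_REQUEST {
    # Stop the server from compressing the response so the body arrives as plain text
    HTTP::header remove "Accept-Encoding"
}

when HTTP_RESPONSE {
    # If the server compressed anyway, the payload cannot be searched as text:
    # log it and skip collection instead of persisting on garbage
    if { [HTTP::header exists "Content-Encoding"] } {
        log local0. "skipping token persistence, body is encoded: [HTTP::header "Content-Encoding"]"
        return
    }

    # Collect at most 1MB of the response body
    if { [HTTP::header exists "Content-Length"] && [HTTP::header "Content-Length"] <= 1000000 } {
        set content_length [HTTP::header "Content-Length"]
    } else {
        set content_length 1000000
    }
    # Do not start a collection for an empty body
    if { $content_length > 0 } {
        HTTP::collect $content_length
    }
}

when HTTP_RESPONSE_DATA {
    # Match the full key prefix "authToken":" (13 characters), skip past it,
    # and read up to the closing quote instead of assuming a fixed length
    set authToken [findstr [HTTP::payload] "\"authToken\":\"" 13 "\""]

    # Assumption: tokens are UUIDs like the sample in the question.
    # Only well-formed values are accepted as persistence keys.
    if { [regexp {^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$} $authToken] } {
        persist add uie $authToken
    } elseif { $authToken ne "" } {
        log local0. "authToken found but not in the expected format, not persisting"
    }
    HTTP::release
}
```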