rewrite ldaps request

Question

Hello,&nbsp;I have to rewrite an LDAPs request by an irule. My goal is replace a string by another one. Here is objectClass=person to objectClass=*&nbsp;I tried differents things but LDAP server doesn't understand what I sent to it.&nbsp;Here is my code. I put key word "LDAP" in my log to grep it easily&nbsp;Code
when RULE_INIT {
     translate into hexa
    binary scan "objectClass=person" H* static::class1
    binary scan "objectClass=*" H* static::class2
}

when CLIENTSSL_HANDSHAKE {
SSL::collect
}

when CLIENTSSL_DATA {
     binary scan [SSL::payload] H* temp(hex_ssl_payload)
     if { $temp(hex_ssl_payload) contains $static::class1 } then {
       SSL::payload replace 0 $static::class1 $static::class2
    } else {
            log -noname local0.debug "LDAP request NOK"
}
    SSL::release
}I don't really know if the tranlation into hexa is the right way.&nbsp;Regards&nbsp;

cwat_115731 · Answer

Finallaly I success what I wanted.
Here is my new question.
The LDAP VIP is an offload VIP. Between the F5 and the ldap server is LDAP and not LDAPs.&nbsp;
How can I do after ssl::release to change it to tcp::release ?&nbsp;
Regards&nbsp;

Forum Discussion

rewrite ldaps request

1 Reply

Recent Discussions

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

Distributed caching of authentication requests with NGINX Ingress Controller

Logging DNS Requests

Need iRule for logging all LDAPS requests to HSL Splunk

Rewriting iRules...LIVE!

Request POST Header Rewrite of Origin and Referer