The specific irule parts are below
when RULE_INIT
{
Log debug to /var/log/ltm? 1=yes, 0=no
set static::debug 0
}
when HTTP_REQUEST
{
Collect up to the first 1MB of POST data
log local0. "Checking post method [HTTP::method] uri: [HTTP::uri] http_version: [HTTP::version] IP: [IP::client_addr]"
log local0. "Headers: [HTTP::request]"
if {[HTTP::method] eq "POST"}
{
Check if there is a content-length header and the value is set to less than 1Mb
if {[HTTP::header exists "Content-Length"] && [HTTP::header "Content-Length"] <= 10048576}
{
set clength [HTTP::header "Content-Length"]
} else
{
set clength 10048576
}
log local0. "Checking content length $clength IP: [IP::client_addr]"
if { $clength > 0}
{
if {$static::debug}{log local0. "[virtual name]: Collecting $clength bytes IP: [IP::client_addr]"}
HTTP::collect [HTTP::header "Content-Length"]
}
}
}
when HTTP_REQUEST_DATA
{
incoming data
log local0. "$[HTTP::payload]"
set vendoridincoming [findstr [HTTP::payload] "BuyerCookie" 12 100]
log local0. "Vendorid from live incoming request is $vendoridincoming"
Save a class name to search through
set class_name Vendorlist
log local0. "$class_name"
set success 0
Save a search ID for the datagroup
set id [class startsearch $class_name]
log local0. "$id"
set vendorlistsize 0
log local0. "$vendorlistsize"
Loop through the class row by row
while {[class anymore $class_name $id]}
{
set element [class nextelement $class_name $id]
log local0. "[class nextelement $class_name $id]: $element"
set vendorid [class element -name $vendorlistsize $class_name]
set vendorsharedsecret [class element -value $vendorlistsize $class_name]
log local0. "vendorid at position $vendorlistsize is $vendorid"
log local0. "vendorsharedsecret at position $vendorlistsize is $vendorsharedsecret"
if {$vendoridincoming contains $vendorid}
{
log local0. "Incoming Vendor id matched with $vendorid"
if {[HTTP::payload] contains $vendorsharedsecret}
{
log local0. "Incoming Vendor Shared Secret matched with $vendorsharedsecret"
set success 1
break
}
}
incr vendorlistsize
unset vendorid
unset vendorsharedsecret
}
Clean up the search
class donesearch $class_name $id
if {$success==1}
{
reject
HTTP::respond 200 content {
Access Denied
You have attempted an authorised access to this site
Your attempt has been logged and may be prosecuted.
}
}
}
when HTTP_RESPONSE
{
log local0. "In http response"
log local0. "succes at start of http response is $success"
if {$success == 1}{
log local0. "Vendor matched"
log local0. "succes at if success is $success"
}
else
{
log local0. "Vendor Shared Secret not matched"
log local0. "succes at else failure response is $success"
HTTP::respond 200 content {
Access Denied
You have attempted an authorised access to this site
Your attempt has been logged and may be prosecuted.
}
reject
}
}