Forum Discussion

ehergott_345008's avatar
ehergott_345008
Icon for Nimbostratus rankNimbostratus
Mar 28, 2018

Apply iRule to Forwarding IP virtual server

Have a virtual server set up as a Forwarding IP virtual server. Older hardware one of the only ways I could get it to work. Virtual server is same IP as the server itself. I have an iRule to need to apply. However it states I need an HTTP profile selected. I do not see this as an option.

 

Anyways to apply the iRule to this virtual?

 

3 Replies

  • There is no option to configure HTTP profile for Forwarding IP type virtual. May I know what you are using in the iRule?

     

    Assuming you are using it for logging, use "when CLIENT_ACCEPTED" rather than "when HTTP_REQUEST".

     

    -Harsha.

     

  • You can’t assign access profile to non http vs.

     

    You can’t assign http profile to forwarding vs.

     

    But you can store in a table clientip addresses authenticated with session cookie value as value.

     

    When a client access the non http vs, check if the IP address is in table and check if the session variable is still valid!

     

  • You can work with a code like that:

     

    iRule to assign to webtop VS

     

    when ACCESS_ACL_ALLOWED {
        table set -subtable enforcewebtop [IP::client_addr] [ACCESS::session sid] [PROFILE::access inactivity_timeout] [PROFILE::access max_session_timeout]
    }

    iRule to assign to Forwarding VS

     

    when CLIENT_ACCEPTED {
        if {!([set sid [table lookup -subtable IPAdmins [IP::client_addr]]] ne "" && [ACCESS::session exists -state_allow $sid])} {
            drop
        }
    }