milo
Aug 09, 2011Nimbostratus
This iRule should be simple
I was asked to create a security policy that forwarded traffic based on specific strings in the URI to a 3rd party server via SSL. After cobbling a few rules together, I came up with something that appeared to be working. But, after some testing, it was discovered that all traffic was being sent to the 3rd party server after the secured traffic triggered the irule. Can you please tell me what I am missing in the irule?
when HTTP_REQUEST {
set secure_service 0
if { [HTTP::uri] starts_with "/abc" } {
set secure_req [findstr [HTTP::uri] "abc" 4]
set secure_service 1
}
if { $secure_service == 1 } {
HTTP::uri /10521/$secure_req
snatpool secure_snat
pool secure
log "The secure request received is $secure_req"
log "The secure URL is [HTTP::uri]"
}
}
when SERVER_CONNECTED {
if { $secure_service == 0 } {
SSL::disable
}
}
when HTTP_RESPONSE {
if { $secure_service == 1 } {
log "HTTP Status is [HTTP::status] from server [IP::remote_addr]"
log "Service is $secure_service"
}
}