Forum Discussion

JoeTheFifth's avatar
JoeTheFifth
Icon for Altostratus rankAltostratus
Mar 09, 2017

Intercept status codes and redirect

I'm currently trying to find redirection mecanism based on status codes from server response. scenario is: Check for 2 two consecutive 401 status codes plus a 302 then a 200 + string in the 200 status code response. if these conditions are met => redirect to login page. Question 1: Is this possible with an irule? I did a simple 401 status check and I can see the status in the ltm log. Question 2: performance wise, will this bring the bigip to its knees with about 10.000 users a day? Question 3: what are my possibilities here? irule, access policy ...??

 

Here is the simple rule:

 

when HTTP_RESPONSE { if {[HTTP::status] eq "401"} { log local0. "401" }

 

}

 

If this is is possible then I will need help cooking an irule with variables and stuff :-)

 

the logic would be: 2 401 + 302 + 200 with 'accessdenied' string The simple version is just check for the string accessdenied but I'd like to my the check more reliable with the preceding 2 401 and 302+200 codes.

 

application delivery
BIG-IP
iRules

1 Reply

Sort By
  • Vijay_E's avatar
    Vijay_E
    Icon for Cirrus rankCirrus
    Mar 09, 2017

    Your condition is not easy to track. You can have multiple HTTP requests passing through the F5 in random order for multiple connections. Making a decision based on a sequence of HTTP status code in a single connection seems a bit complicated. I would recommend trying to make a decision based on a specific value in the HTTP request instead of tracking multiple status codes.

     

    You should be able to do something like this for a simple redirect based on status code:

     

    when HTTP_RESPONSE {
  if { [HTTP::status] == 404 } {
    HTTP::redirect "http://www.example.com/not_found.html"
 }
}