Forum Discussion

varun_malik's avatar
varun_malik
Icon for Nimbostratus rankNimbostratus
Sep 07, 2012

http to https redirection for selected IPs

I am using following irule to direct internal requests to port 80 and external requests to port 443, private_IP datagroup contains the IP which are required to go to port 80, all else should be redirected to https. As a result external http requests are redirecting to https, but internally when I try VIP then it forwards to port 80, and if I use URL then it takes me to https, where as requirement is that URL requests from inside should go to 80, added the FW PAT IP in data group but still URL from inside is redirecting to https.

 

 

 

when HTTP_REQUEST {

 

Check if client IP is in the datagroup

 

if {[matchclass [IP::client_addr] equals $::private_IP]}{

 

pool xyz

 

} else {

 

HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]

 

}

 

}

 

 

Thanks

 

application delivery
dev
devops
iRules

3 Replies

Sort By
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Sep 07, 2012
    Hi Varun,

     

     

    If you're on 9.4.4 or higher, remove the $:: prefix from the private_IP data group name and it shoudl work.

     

     

    Aaron
  • varun_malik's avatar
    varun_malik
    Icon for Nimbostratus rankNimbostratus
    Sep 10, 2012
    Hi Aaron

     

     

    Thanks for reply, I tried it but still not working. When I try with VIP then it lands on http, but when I try with URL even from internal IPs then it goes to https, seems like it is not referring to data group when using URL.
  • Kevin_Stewart's avatar
    Kevin_Stewart
    Icon for Employee rankEmployee
    Sep 10, 2012
    Varun,

    Try adding this log statement directly after the event declaration: 

    
log local0. "requesting [HTTP::host] from [IP::client_addr]"

    It's possible that some DNS response to your URL request is sending you down a different path. Also try adding the host to your local HOSTS file for testing.