NimbostratusWe have an existing iRule and datagroup,
when HTTP_REQUEST {
set uri [HTTP::uri]
if {[class match $uri starts_with DG1]} {
pool POOL_SSL
}
if {[class match $uri eq DG_EXACT] or $uri eq "/" } {
pool POOL_SSL
}
}
Is it possible to use a wildcard like "/*" in the datagroup such that we no longer need to add thousands of URI in the future?
MVPIf your intention is to allow every URI of a particular domain, why do you put wildcard of /* rather than just whitelisting the particular domain itself.
So you need not worry of adding thousands of URI, but just allow that particular host.
when HTTP_REQUEST {
if { [HTTP::host] contains "domain.com" }
{ pool POOL_SSL }
else
{ drop }
}
CumulonimbusIs it possible to use a wildcard like "/*" in the datagroup such that we no longer need to add thousands of URI in the future?
When reading your code, you can see there are 2 Datagroups
So the code seems good!
CumulonimbusThis code may replace all irules!
when HTTP_REQUEST {
set uri [HTTP::uri]
set target [getfield [HTTP::uri] "/" 2]
if {[class match $uri starts_with DG2]} {
pool POOL_OTHER1
} else {
switch -glob -- [HTTP::uri] {
"*/other2*" -
"/other2_1*" -
"/other2_1*" {
pool POOL_OTHER2
}
"/other3*" -
"/other3_1*" -
"/other3_2*" -
"/" {
pool POOL_OTHER3
}
"/other3_3*" {
pool POOL_OTHER3_3
}
"/3_4*"{
pool POOL_OTHER3_4
}
"/3_5/" {
pool POOL_OTHER3_5
}
"/3_6/" {
pool POOL_OTHER3_6
}
default {
pool POOL_SSL
}
}
}
}
when SERVER_CONNECTED {
if { [LB::server pool] eq "POOL_OTHER2" } {
SSL::disable serverside
}
}