Forum Discussion

fraandres's avatar
fraandres
Icon for Nimbostratus rankNimbostratus
Mar 24, 2023

iRule datagroup sideband

I been trying to use HSSR to use a curl to add an IP to a datagroup, here is my code but still can't figure out what I"m missing

the curl works if I use this, but Need to use it on a iRule any help will be appreciated

 

curl -ku "admin:admin" -X PATCH -H 'Content-type: application/json' -d '{ "name":"active_visitor_ips" }' https://localhost/mgmt/tm/ltm/data-group/internal/active_visitor_ips?options=records%20add%20%7b%2010.125.8.6%20%7b%20data%20IP%20%7d%20%7d |jq .

Edit: I got the debugs.

<ACCESS_POLICY_COMPLETED>: {/data-group/internal/active_visitor_ips?options=records%20add%20%7b%2010.125.135.5%20%7b%20data%20IP%20%7d%20%7d}

<ACCESS_POLICY_COMPLETED>: HSSR 10.125.94.10:58173: http_req arguments must be '-option value' pairs

01220001:3: TCL error: /Common/session_test <ACCESS_POLICY_COMPLETED> - http_req arguments must be '-option value' pairs (iRule proc "/Common/HSSR::http_req") (line 1) invoked from within "call /Common/HSSR::http_req -uri "https://localhost/"-method -X PATCH -H -type -userid admin -passwd admin application/json -body $jsonBody -rbody"

 

 

when ACCESS_POLICY_COMPLETED {
set clientip [ACCESS::session data get "session.user.clientip"]
set jsonBody "{curl -ku \"admin:admin\" \'Content-type: application/json\' -d \'{ \"name\":\"active_visitor_ips\" }\' /data-group/internal/active_visitor_ips?options=records%20add%20%7b%20$clientip%20%7b%20data%20IP%20%7d%20%7d |jq .}"
log local0. $jsonBody

#set jsonBody "{curl -ku \"admin:admin\" \'Content-type: application/json\' -d \'{ \"name\":\"active_visitor_ips\" }\'}"
#set jsonBody "{ \"shared-secret\":\"$checkpoint_api_secret\", \"ip-address\":\"$clientip\", \"user\":\"$api_username\" , \"session-timeout\":$timeout }"
set send_info [call /Common/HSSR::http_req -uri "https://localhost/"-method -X PATCH -H -body $jsonBody -rbody]
#log local0. $apiResp

if{[IP::$clientip equals active_visitor_ips]}{

HTTP::redirect "https://captive-portal.com"
}

}

when ACCESS_SESSION_CLOSED {
set clientip [ACCESS::session data get "session.user.clientip"]
# run sideband http PATCH request to remove this clientip from active_visitor_ips datagroup
#set send_info [send PATCH "/mgmt/tm/ltm/datagroup/internal/active_visitor_ips\?options=delete$data"]
}

  • Hi fraandres, you might reformat your question to put all code and debug info in code blocks so it's easier to read.  If I'm following correctly, in using the HSSR, you should just need to pass the details of your request, it will not be able to do anyting with curl:

     

    call /Common/HSSR::http_req \
    -uri "http://localhost/mgmt/tm/ltm/data-group/internal/active_visitor_ips?options=records%20add%20%7b%2010.125.135.5%20%7b%20data%20IP%20%7d%20%7d" \
    -method PATCH \
    -rbody