Forum Discussion

williehood_2622's avatar
williehood_2622
Icon for Nimbostratus rankNimbostratus
Aug 23, 2018

irule redirect pool uri http or https

I'm writing irule, I have two pools one for hhtps traffic and one for http traffic. I would like to have irule that based on uri "ex ; goes to http on pool1 any other port 80 redirects to https pool 2.

 

/Content pool1 http://www.example.com/Content, else pool2 https://www.example.com

 

when HTTP_REQUEST { switch [string tolower [HTTP::uri]] {

 

“/content” { pool unsecure_80 HTTP::redirect "http://[HTTP::host][HTTP::uri]" } "default" { pool secure } HTTP::redirect "http://[HTTP::host][HTTP::uri]"

 

} }

 

  • Think your requirement is quite below,

    1. http traffic with /content - Allow to unsecure_80
    2. http traffic without /content - Not Allow to unsecure_80 redirect to secure
    3. https traffic with /content - Allow to secure
    4. https traffic without /content - Not Allow to secure redirect to unsecure_80

    Apply the below rule_http to 80VS

    ltm rule rule_http {
    when HTTP_REQUEST { 
    switch [string tolower [HTTP::uri]] { 
    “/content” { pool unsecure_80 } 
    "default" { HTTP::redirect "https://[HTTP::host][HTTP::uri]" } 
    }
    }
    }
    

    Apply the below rule_https to 443VS

    ltm rule rule_https {
    when HTTP_REQUEST { 
    switch [string tolower [HTTP::uri]] { 
    “/content” { HTTP::redirect "http://[HTTP::host][HTTP::uri]" } 
    "default" { pool secure } 
    }
    }
    }
    

    I'm sure there are lot of ways this can be achieved with single VIP Irule logic too. But this is clean and simple according to me.

  • You can assign a LTM policy (Best Match) to Virtual Server with 2 rules like this: URI path start_with (any of) /content then forward to pool1 Default: forward to pool2

     

  • Your requirement seems like the example of SSL::disable wiki.

     

    you can use this code:

     

    when HTTP_REQUEST { 
        switch -glob -- [string tolower [HTTP::uri]] { 
            "/content*" { 
                pool unsecure_80
                set usessl 0
            } 
            default { 
                pool secure
                set usessl 1
            } 
        }
    }
    
    when SERVER_CONNECTED {
      if { $usessl == 0 } {
        SSL::disable
      }
    }

    Note : Code edited... default statement must be without quotes.