big-ip F5 irule

怕健忘 紀錄irule

LC 常用

when CLIENT_ACCEPTED {

if { [class match [IP::client_addr] equals "Server1"]} {

                 snatpool snat_proxy1

                 pool GW_ISP1_Pool

} elseif {[class match [IP::client_addr] equals "Server2"]} {

                 snatpool snat_proxy2

                 pool GW_ISP2_Pool

 }else {

                   snatpool Default

                   pool gateway_pool

        }

}

when CLIENT_ACCEPTED {

switch [IP::client_addr] {

"10.10.10.10" { snat 192.169.42.10 }

"10.10.10.11" { snat 192.168.42.11 }

"10.10.10.12" { snat 192.168.42.12 }

"10.10.10.13" { snat 192.168.42.13 }

    default { snat automap }

  }

}

when SERVER_CONNECTED {

log local0. "client [IP::client_addr]:[TCP::client_port] snat [IP::local_addr]:[TCP::local_port] server [IP::server_addr]:[TCP::server_port]"

}

}

when CLIENTED_ACCEPTED {

    switch [IP::client_addr] {

        "10.10.10.10" { 

            log local0. "Snatting 10.10.10.10 to 192.168.42.10"

            snat 192.169.42.10 

        }

        "10.10.10.11" { 

            log local0. "Snatting 10.10.10.11 to 192.168.42.11"

            snat 192.168.42.11 

        }

        "10.10.10.12" { 

            log local0. "Snatting 10.10.10.12 to 192.168.42.12"

            snat 192.168.42.12 

        }

        "10.10.10.13" { 

            log local0. "Snatting 10.10.10.13 to 192.168.42.13"

            snat 192.168.42.13 

        }

        default { 

            log local0. "Snatting [IP::client_addr] to automap"

            snat automap 

        }

    }

}

session persistence  in irule

when HTTP_REQUEST { 

if { [HTTP::cookie exists "JSESSIONID"] } { 

persist uie [HTTP::cookie "JSESSIONID"] 1800 

} else { 

set jsess [findstr [HTTP::uri] "JSESSIONID" 11 ";"] 

if { $jsess != "" } { 

persist uie $jsess 1800

} 

} 

} 

when HTTP_RESPONSE { 

if { [HTTP::cookie exists "JSESSIONID"] } { 

persist add uie [HTTP::cookie "JSESSIONID"] 1800 

} 

}

when HTTP_REQUEST { 

# Check if there is a JSESSIONID cookie 

if {[HTTP::cookie "JSESSIONID"] ne ""}{ 

# Persist off of the cookie value with a timeout of 2 hours (7200 seconds) 

persist uie [string tolower [HTTP::cookie "JSESSIONID"]] 7200 

# Log that we're using the cookie value for persistence and the persistence key if it exists. 

log local0. "[IP::client_addr]:[TCP::client_port]: Request to [HTTP::uri] on server [LB::server] with cookie: [HTTP::cookie value JSESSIONID]" 

} else { 

# Parse the jsessionid from the path 

set jsess [findstr [string tolower [HTTP::path]] "jsessionid=" 11] 

# Use the jsessionid from the path for persisting with a timeout of 2 hours (7200 seconds) 

if { $jsess != "" } { 

persist uie $jsess 7200 

# Log that we're using the path jessionid for persistence and the persistence key if it exists. 

log local0. "[IP::client_addr]:[TCP::client_port]: Request to [HTTP::uri] on server [LB::server] used persistence record from path: [persist lookup uie $jsess]" 

} 

} 

} 

when HTTP_RESPONSE { 

# Check if there is a jsessionid cookie in the response 

if {[HTTP::cookie "JSESSIONID"] ne ""} { 

# Persist off of the cookie value with a timeout of 2 hours (7200 seconds) 

persist add uie [string tolower [HTTP::cookie "JSESSIONID"]] 7200 

            # Log Response

log local0. "[IP::client_addr]:[TCP::client_port]: Request to server [LB::server] with cookie: [HTTP::cookie value JSESSIONID]. Added persistence record from cookie: [persist lookup uie [string tolower [HTTP::cookie "JSESSIONID"]]]" 

} 

}

when LB_SELECTED { 

log "From [IP::client_addr] to physical server [LB::server] the cookie JSESSIONID is [HTTP::cookie "JSESSIONID"] URI JESSIONID is [findstr [string tolower [HTTP::path]] "jsessionid=" 11] " 

}

如何使用CLI 設定 F5 root/admin 的密碼?

如何使用CLI 設定 F5 root/admin 的密碼?

# tmsh

 

(tmos)# modify auth password root

changing password for root
new password:
confirm password: 
(tmos)# 

(tmsh0) # modify auth password admin

changing password for admin
new password:
confirm password: 
(tmos)#

如果不能登入F5 忘記密碼 如何做  Password Recovery ?
1) Reboot using front panel keys
2) Following this link to boot into single user mode https://support.f5.com/kb/en-us/solutions/public/4000/100/sol4178.html
3) Do the following

sh-3.2# passwd

Changing password for user root.

New BIG-IP password: 

Retype new BIG-IP password: 

Changing password for user root.

passwd: all authentication tokens updated successfully.

sh-3.2# reboot

INIT: Sending processes the TERM signal

 

F5 執行 .pl 異常 出現 /usr/bin/perl^M: bad interpreter: No such file or directory

F5 執行 .pl  異常/bin/sh^M: bad interpreter: No such file or directory

 出處 ：http://eeepage.info/binshm-bad-interpreter-no-such-file-or-directory/

在Linux中執行.sh腳本
異常/bin/sh^M: bad interpreter: No such file or directory

分析：
這是不同系統編碼格式引起的：在windows系統中編輯的.sh文件可能有不可見字符，所以在Linux系統下執行會報以上異常信息。

解決：

1）在windows下轉換：
利用一些編輯器如UltraEdit或EditPlus等工具先將腳本編碼轉換，再放到Linux中執行。
轉換方式如下（UltraEdit）：File-->Conversions-->DOS->UNIX即可

2）也可在Linux中轉換：
首先要確保文件有可執行權限
chmod a+x filename

 

然後修改文件格式
vi filename

利用如下命令查看文件格式
:set ff 或 :set fileformat

可以看到如下信息
fileformat=dos 或 fileformat=unix

利用如下命令修改文件格式
:set ff=unix 或 :set fileformat=unix

:wq (存檔退出)

最後再執行文件
./filename

將Terminal 的session儲存log

Save all of your Terminal activity to a file 
May 11, '12 07:30:00AM • Contributed by: chrisgerke

I use Terminal everyday, and I find it a good idea to log everything I you. It makes it much easier to undo your mistakes when you know what those mistakes were. Here's how I do this: 

Open Terminal's preferences. 

Go to Settings, then Shell. You can choose here to run a command at startup. You could create a simple log of your session using the following:

/usr/bin/script ~/Desktop/Terminal.log

This will log everything you do and append it to the log file. 

I like to keep my history so instead I wrote this small script that archives previous sessions by renaming the file with a date/time string. I then set Terminal.app to run at startup the following command:

~/Desktop/logger.sh

Here's the script:

#!/bin/bash 

# logger.sh 

# Log everything you do in Terminal. 

#* Formatted date & time string. 

FORMATTED_DATE=`/bin/date "+%Y-%m-%d%H%M%S"` 

#* Archive the previous file 

/bin/cp -f ~/Desktop/Terminal.log{,.$FORMATTED_DATE.txt} 

#* Begin a new one 

/usr/bin/script ~/Desktop/Terminal.log

 

[kirkmc adds: This is a good idea. I don't use Terminal a lot, but I find that I sometimes need to remember a command I ran in the past which is no longer in my history. 

Also, this is similar to something I do with texts I write. I do most of my writing in BBEdit, and I have a number of "scratch" files which I change every year. For example, I have one file for most of what I write, another just for Mac OS X Hints, and another for a specific client I write for. I archive these files at the end of the year, and create new ones. If I ever need to go back to these files to look for something I can do so. I don't bother to enter dates - which I could do easily enough with a TypeIt4Me shortcut - but if I'm looking for something I'll generally know what text to search for.]

test_new IP 測試

ＨＩＨＩ