big-ip F5 irule

怕健忘 紀錄irule

LC 常用

when CLIENT_ACCEPTED {

if { [class match [IP::client_addr] equals "Server1"]} {

                 snatpool snat_proxy1

                 pool GW_ISP1_Pool

} elseif {[class match [IP::client_addr] equals "Server2"]} {

                 snatpool snat_proxy2

                 pool GW_ISP2_Pool

 }else {

                   snatpool Default

                   pool gateway_pool

        }

}

when CLIENT_ACCEPTED {

switch [IP::client_addr] {

"10.10.10.10" { snat 192.169.42.10 }

"10.10.10.11" { snat 192.168.42.11 }

"10.10.10.12" { snat 192.168.42.12 }

"10.10.10.13" { snat 192.168.42.13 }

    default { snat automap }

  }

}

when SERVER_CONNECTED {

log local0. "client [IP::client_addr]:[TCP::client_port] snat [IP::local_addr]:[TCP::local_port] server [IP::server_addr]:[TCP::server_port]"

}

}

when CLIENTED_ACCEPTED {

    switch [IP::client_addr] {

        "10.10.10.10" { 

            log local0. "Snatting 10.10.10.10 to 192.168.42.10"

            snat 192.169.42.10 

        }

        "10.10.10.11" { 

            log local0. "Snatting 10.10.10.11 to 192.168.42.11"

            snat 192.168.42.11 

        }

        "10.10.10.12" { 

            log local0. "Snatting 10.10.10.12 to 192.168.42.12"

            snat 192.168.42.12 

        }

        "10.10.10.13" { 

            log local0. "Snatting 10.10.10.13 to 192.168.42.13"

            snat 192.168.42.13 

        }

        default { 

            log local0. "Snatting [IP::client_addr] to automap"

            snat automap 

        }

    }

}

session persistence  in irule

when HTTP_REQUEST { 

if { [HTTP::cookie exists "JSESSIONID"] } { 

persist uie [HTTP::cookie "JSESSIONID"] 1800 

} else { 

set jsess [findstr [HTTP::uri] "JSESSIONID" 11 ";"] 

if { $jsess != "" } { 

persist uie $jsess 1800

} 

} 

} 

when HTTP_RESPONSE { 

if { [HTTP::cookie exists "JSESSIONID"] } { 

persist add uie [HTTP::cookie "JSESSIONID"] 1800 

} 

}

when HTTP_REQUEST { 

# Check if there is a JSESSIONID cookie 

if {[HTTP::cookie "JSESSIONID"] ne ""}{ 

# Persist off of the cookie value with a timeout of 2 hours (7200 seconds) 

persist uie [string tolower [HTTP::cookie "JSESSIONID"]] 7200 

# Log that we're using the cookie value for persistence and the persistence key if it exists. 

log local0. "[IP::client_addr]:[TCP::client_port]: Request to [HTTP::uri] on server [LB::server] with cookie: [HTTP::cookie value JSESSIONID]" 

} else { 

# Parse the jsessionid from the path 

set jsess [findstr [string tolower [HTTP::path]] "jsessionid=" 11] 

# Use the jsessionid from the path for persisting with a timeout of 2 hours (7200 seconds) 

if { $jsess != "" } { 

persist uie $jsess 7200 

# Log that we're using the path jessionid for persistence and the persistence key if it exists. 

log local0. "[IP::client_addr]:[TCP::client_port]: Request to [HTTP::uri] on server [LB::server] used persistence record from path: [persist lookup uie $jsess]" 

} 

} 

} 

when HTTP_RESPONSE { 

# Check if there is a jsessionid cookie in the response 

if {[HTTP::cookie "JSESSIONID"] ne ""} { 

# Persist off of the cookie value with a timeout of 2 hours (7200 seconds) 

persist add uie [string tolower [HTTP::cookie "JSESSIONID"]] 7200 

            # Log Response

log local0. "[IP::client_addr]:[TCP::client_port]: Request to server [LB::server] with cookie: [HTTP::cookie value JSESSIONID]. Added persistence record from cookie: [persist lookup uie [string tolower [HTTP::cookie "JSESSIONID"]]]" 

} 

}

when LB_SELECTED { 

log "From [IP::client_addr] to physical server [LB::server] the cookie JSESSIONID is [HTTP::cookie "JSESSIONID"] URI JESSIONID is [findstr [string tolower [HTTP::path]] "jsessionid=" 11] " 

}