Converting iRules to NetScaler Policies - Location Header Rewrite with Non-Standard Port

book

Article ID: CTX206817

calendar_today

Updated On:

Description

The iRules to NetScaler conversion guides take you through the process of converting your F5 iRules into policies on NetScaler. If you have been using iRules and would like to create the same functionality on NetScaler these guides simplify the process and gets you up and running faster.

Use Case

Location header provides the information to client as where to go next. While the location header mostly gets generated by backend Apps, there is a need to change them on load balancing device. Enterprises runs legacy Apps which were written to generate the Location header with “http” while most of the front-end communication is now switched to “https”. Hence there is a need to do protocol changes as well as at times you are required to change to a on-standard port based on where actual service is running.

F5 iRules

# Rewrites the HTTP Location header in a HTTP Reponse from HTTP to HTTPS and a none standard port to the end of the hostname
# e.g. Location Header 'http://www.test.com/path1/path2/index.html' will be changed to 'https://www.test.com:80/path1/path2/index.html'
when HTTP_RESPONSE {
if {[string tolower [HTTP::header Location]] starts_with "http://" }{
#Splits the Location Header string into a list
# e.g. http://www.test.com/path1/path2/index.html = 'http:', '
', 'www.test.com', 'path1', 'path2', 'index.html'
set loc_list [split [HTTP::header Location] "/"]
# Replaces list location 0 (first item) with 'https:'
# e.g. list item 0 = 'http:' and is replaced with 'https:'
lreplace $loc_list 0 0 "https:"
# Appended the port number to list location 2 (the FQDN), if a
port is already defined this will replaced
# e.g. list item 2 = 'www.test.com:897' is replaced with 'www.
test.com:80'
# e.g. list item 2 = 'www2.test.com' is replaced with 'www2.te
st.com:80'
lreplace $loc_list 2 2 '[lindex [split [lindex $loc_list 2] ":
"] 0]:80'
# List items are joined back together with '/' inserted and se
t at the new HTTP Location Header
# e.g. list = 'https:', '', 'www.test.com:80', 'path1', 'path2
', 'index.html' becomes 'https://www.test.com:80/path1/path2/index.html'
HTTP::header replace Location [join $loc_list "/"]
}
}

Source - https://devcentral.f5.com/codeshare/http-to-https-location-rewrite-with-custom-port

NetScaler Solution

add rewrite action modify_location_header replace
HTTP.RES.HEADER("Location")
'"https://"+HTTP.RES.HEADER("Location").TYPECAST_HTTP_URL_T.HOSTNAME
.SERVER+":80"+HTTP.RES.HEADER("Location").TYPECAST_HTTP_URL_T'
add rewrite policy policy_modify_location_header '
HTTP.RES.HEADER("Location").STARTSWITH("http://")'
modify_location_header

Here we are using the NetScaler Rewrite module to modify the “Location” header while the response gets processed through NetScaler. While changing the protocol from http to https, we are also adding the specific destination port. Bind Rewrite policy to specific VSERVER or to Global rewrite bind point on Response flow.

Issue/Introduction

Converting iRules to NetScaler Policies - Location Header Rewrite with Non-Standard Port

Additional Information

Was this article helpful?

thumb_up Yes

thumb_down No

Welcome to "KB Articles"