Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Configuring F5 Big-IP Device

Create F5 pool named http_mirrorpool

Add node running network-analyzer to http_mirrorpool

Create F5 iRule to mirror HTTP requests to the new pool by copy/pasting our provided iRule.

Code Block
languagetcl

when RULE_INIT {
    # Log debug locally to /var/log/ltm? 1=yes, 0=no
    set static::hsl_debug 1

    # Pool name to clone requests to
    set static::hsl_pool "http_mirrorpoolhttpmirrorpool"
}
when CLIENT_ACCEPTED {

    if {[active_members $static::hsl_pool]==0}{
        log "[IP::client_addr]:[TCP::client_port]: [virtual name] $static::hsl_pool down, not logging"
        set bypass 1
        return
    } else {
        set bypass 0
    }

    # Open a new HSL connection if one is not available
    set hsl [HSL::open -proto TCP -pool $static::hsl_pool]
    if {$static::hsl_debug}{log local0. "[IP::client_addr]:[TCP::client_port]: New hsl handle: $hsl"}
}
when HTTP_REQUEST {

    # If the HSL pool is down don't do anything else, do not run more code here
    if {$bypass}{
        return
    }
    # Insert an XFF header if one is not inserted already
    # So the client IP can be tracked for the duplicated traffic
    HTTP::header insert X-Forwarded-For [IP::client_addr]

    # Check for POST requests
    if {[HTTP::method] eq "POST"}{

        # Check for Content-Length between 1b and 1Mb
        if { [HTTP::header Content-Length] >= 1 and [HTTP::header Content-Length] < 1048576 }{
            HTTP::collect [HTTP::header Content-Length]
        } elseif {[HTTP::header Content-Length] == 0}{
            # POST with 0 content-length, so just send the headers
            HSL::send $hsl "[HTTP::request]\n"
            if {$static::hsl_debug}{log local0. "[IP::client_addr]:[TCP::client_port]: Sending [HTTP::request]"}
        }
    } else {
        # Request with no payload, so send just the HTTP headers to the clone pool
        HSL::send $hsl "[HTTP::request]\n"
        if {$static::hsl_debug}{log local0. "[IP::client_addr]:[TCP::client_port]: Sending [HTTP::request]"}
    }
}
when HTTP_REQUEST_DATA {
    # The parser does not allow HTTP::request in this event, but it works
    set request_cmd "HTTP::request"
    if {$static::hsl_debug}{log local0. "[IP::client_addr]:[TCP::client_port]: Collected [HTTP::payload length] bytes,\
        sending [expr {[string length [eval $request_cmd]] + [HTTP::payload length]}] bytes total"}
    HSL::send $hsl "[eval $request_cmd][HTTP::payload]\nf"
}

Add iRule to applications