Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Overview

The Data Theorem API F5 BIG-IP agent can be deployed to F5

Deploying The Network Analyzer

Deploy the network analyzer

Configuring F5 Big-IP Device

Create F5 pool named http_mirrorpool

Add node running network-analyzer to http_mirrorpool

Create F5 iRule to mirror HTTP requests to the new pool by copy/pasting our provided iRule

when RULE_INIT {
    # Log debug locally to /var/log/ltm? 1=yes, 0=no
    set static::hsl_debug 1

    # Pool name to clone requests to
    set static::hsl_pool "httpmirrorpool"
}
when CLIENT_ACCEPTED {

    if {[active_members $static::hsl_pool]==0}{
        log "[IP::client_addr]:[TCP::client_port]: [virtual name] $static::hsl_pool down, not logging"
        set bypass 1
        return
    } else {
        set bypass 0
    }

    # Open a new HSL connection if one is not available
    set hsl [HSL::open -proto TCP -pool $static::hsl_pool]
    if {$static::hsl_debug}{log local0. "[IP::client_addr]:[TCP::client_port]: New hsl handle: $hsl"}
}
when HTTP_REQUEST {

    # If the HSL pool is down, do not run more code here
    if {$bypass}{
        return
    }
    # Insert an XFF header if one is not inserted already
    # So the client IP can be tracked for the duplicated traffic
    HTTP::header insert X-Forwarded-For [IP::client_addr]

    # Check for POST requests
    if {[HTTP::method] eq "POST"}{

        # Check for Content-Length between 1b and 1Mb
        if { [HTTP::header Content-Length] >= 1 and [HTTP::header Content-Length] < 1048576 }{
            HTTP::collect [HTTP::header Content-Length]
        } elseif {[HTTP::header Content-Length] == 0}{
            # POST with 0 content-length, so just send the headers
            HSL::send $hsl "[HTTP::request]\n"
            if {$static::hsl_debug}{log local0. "[IP::client_addr]:[TCP::client_port]: Sending [HTTP::request]"}
        }
    } else {
        # Request with no payload, so send just the HTTP headers to the clone pool
        HSL::send $hsl "[HTTP::request]\n"
        if {$static::hsl_debug}{log local0. "[IP::client_addr]:[TCP::client_port]: Sending [HTTP::request]"}
    }
}
when HTTP_REQUEST_DATA {
    # The parser does not allow HTTP::request in this event, but it works
    set request_cmd "HTTP::request"
    if {$static::hsl_debug}{log local0. "[IP::client_addr]:[TCP::client_port]: Collected [HTTP::payload length] bytes,\
        sending [expr {[string length [eval $request_cmd]] + [HTTP::payload length]}] bytes total"}
    HSL::send $hsl "[eval $request_cmd][HTTP::payload]\nf"
}

Add iRule to applications

  • No labels