I’m having issues with creating an aflex that has an array of urls that I want to block access to through the AX.
I don’t know how to handle the array correctly. I want to redirect to the site root whenever someone tries to access these urls. I’ve tried different variants of this script (that I tried to construct with the help of Mr. Google):
What does the aFleX need to do? Redirect to root for all these URIs?
I would suggest to use class-lists if the list gets very long.
`################################################# # # Redirect w/ class-lists # (c) A10 Networks – MP # v1 20140204 # ################################################# # # aFleX script to do redirection with a class-list. # # The class-list for the redirects is called # “cl-uris” (default) of type “string” and has # to contain the following data: # str # # For example: # str /uri1 # str /uri2 # # Scalability of this aFlex is unknown. # # Questions & comments welcome. # mpeters AT a10networks DOT com # ################################################# when RULE_INIT { set ::DEBUG 0 set ::URIS “cl-uris” }
when HTTP_REQUEST { set URI [string tolower [HTTP::uri]] if { [CLASS::match $URI starts_with $::URIS] == 1 } { HTTP::redirect http://[HTTP::host] if { $::DEBUG == 1 } { log “Redirected: $URI” } } }`
It’s 27 URIs at the moment and I don’t think it will grow much or at all over time. All of them should redirect to site root.
The “aflex optimization” page needs an update if class lists are better than arrays. It has some other syntax errors on there as well…
By the way, where do I specify the class list and how? I hav enever used them before and I can’t find anything on how to set the list in the aflex reference document. (For 2.7)
I found out that I could create the class list in cli. It seems to be working, it’s just that it keeps the url in the browser and when applied to https it doesn’t redirect to http.
Another issue is that firefox and IE thinks the response is corrupted and shows nothing when this is triggered, chrome works somewhat better but not as expected.
I also tried with HTTP::respond 301 Location “http://HTTP::host” but it reacts the same.
I solved it, the HTTP::host has to be in brackets like [HTTP::host]. The code-tag you can use on forums removes it in the example below, if I edit the post I can see the brackets!
`when RULE_INIT { set ::DEBUG 1 set ::URIS “cl-uris” }
when HTTP_REQUEST { set URI [string tolower [HTTP::uri]] if { [CLASS::match $URI starts_with $::URIS] == 1 } { HTTP::redirect http://[HTTP::host] if { $::DEBUG == 1 } { log “Redirected: $URI to http://[HTTP::host]” } } }`
Hi,
I want to have the similar rule.
So I tested this rule but does not seem to be working, does not redirect with match.
When it hit, stats shows total execution for RULE_INIT 1, HTTP_REQUEST 34, and 34 aborts, and no log found on Debug.
Did you use the same script? Including the class-list?
Can you share the script you are using? The abort usually indicates that a certain variable wasn’t found. See if “show aflex debug” tells you something.
The URI “/cl-uris” is not the actual URI the script is looking at. With the script you need to create a class-list on the unit with something like: class-list cl-uris string str /uri-that-triggers-redirect ! So as soon as you do http://virtualhost/uri-that-triggers-redirect you will be redirected to http://virtualhost If this is only for a single URI you want to do this you can use: when RULE_INIT { set ::DEBUG 0 } when HTTP_REQUEST { if { [string tolower [HTTP::uri]] eq "/uri-that-triggers-redirect" } { HTTP::redirect http://[HTTP::host] if { $::DEBUG == 1 } { log "Redirected: [HTTP::uri]" } } }
The class-lists, unlike the data groups, don’t go into the aFleX it self. They are part of the device configuration, so you can create this list separately without touching the aFleX script.
Can you provide some examples of the redirects you want to do, as the script might not cover all your requirements.
