F5 BIG-IP - iRules

Return to Wiki Index

To display all configured iRules, use the following command:

tmsh show ltm rule

This command lists all iRules on the system along with their current status.

To view a specific iRule by name, use:

tmsh show ltm rule <iRule_name>

Example:

tmsh show ltm rule myrule

This command will display the full content of the `myrule` iRule.

To create a new iRule, use the following command:

tmsh create ltm rule <iRule_name> { <iRule_script> }

Example:

tmsh create ltm rule myrule { when HTTP_REQUEST { log local0. "Received HTTP request" } }

This creates an iRule named `myrule` that logs an entry for each HTTP request received.

To modify an existing iRule, use:

tmsh modify ltm rule <iRule_name> { <new_iRule_script> }

Example:

tmsh modify ltm rule myrule { when HTTP_REQUEST { log local0. "Received HTTP request with URI: [HTTP::uri]" } }

This modifies the `myrule` iRule to log the URI of each HTTP request.

To delete an iRule, use:

tmsh delete ltm rule <iRule_name>

Example:

tmsh delete ltm rule myrule

This deletes the `myrule` iRule from the system.

1. 1. 1. Basic iRule Syntax

An iRule consists of **event blocks**, which trigger actions based on specific traffic events. The basic syntax of an iRule looks like this:

when <event> {
    <action>
}

Example:

when CLIENTSSL_HANDSHAKE {
    log local0. "SSL handshake initiated"
}

1. 1. 1. Common Events in iRules

- **HTTP_REQUEST**: Triggered when an HTTP request is received. - **HTTP_RESPONSE**: Triggered when an HTTP response is generated. - **CLIENTSSL_HANDSHAKE**: Triggered during the SSL handshake. - **TCP_REQUEST**: Triggered for TCP traffic.

1. 1. 1. Common Actions in iRules

- **log**: Logs information to the system log. - **reject**: Rejects the connection. - **forward**: Forwards the traffic to the next step. - **pool**: Directs the traffic to a specific pool or server.

1. 1. 1. Example iRule for HTTP Request Logging

when HTTP_REQUEST {
    log local0. "Received HTTP request: [HTTP::uri]"
}

This iRule logs each HTTP request's URI to the system log.

To assign an iRule to a virtual server, use the following command:

tmsh modify ltm virtual <vs_name> rules add { <iRule_name> }

Example:

tmsh modify ltm virtual my_virtual_server rules add { myrule }

This command adds the `myrule` iRule to the `my_virtual_server` virtual server.

To remove an iRule from a virtual server, use:

tmsh modify ltm virtual <vs_name> rules delete { <iRule_name> }

Example:

tmsh modify ltm virtual my_virtual_server rules delete { myrule }

This removes the `myrule` iRule from the `my_virtual_server` virtual server.

To view the logs generated by iRules, use the following command:

tail -f /var/log/ltm

This command will display the log entries created by iRules on the system.

Before deploying an iRule, it is important to ensure that there are no syntax errors. To validate the syntax of an iRule, use:

tmsh show ltm rule <iRule_name> syntax

Example:

tmsh show ltm rule myrule syntax

This command checks for syntax errors in the `myrule` iRule.

For debugging iRules, use the **log** command to print debug messages to the system log. You can enable verbose logging to track the execution flow of the iRule:

log local0. "Debugging iRule execution: [HTTP::uri]"

Additionally, you can use the following command to increase log verbosity:

tmsh modify /sys log-config level debug

This will increase the level of logging on the system, helping to debug any issues with iRule execution.

• [F5 BIG-IP iRule Documentation](https://support.f5.com/csp/article/K19240)
• [F5 BIG-IP iRule Examples](https://techdocs.f5.com/)
• [F5 iRule Tutorials](https://community.f5.com/)
• [F5 Knowledge Base](https://support.f5.com/csp/)
• [F5 Downloads](https://downloads.f5.com/)
• [F5 iRules GitHub Repository](https://github.com/f5devcentral)
• [F5 iRules YouTube Channel](https://www.youtube.com/user/F5Networks)

---

Return to Wiki Index