HTTP_PROXY_REQUEST

Description¶

Triggered when a virtual server has proxy-mode explicit set and one of the following two scenarios are true:

the request has a full uri of the form http://hostname:port/path (much like HTTP_REQUEST, but with access to the original uri)
the request is a CONNECT request (e.g. CONNECT hostname:port HTTP/1.1)

This event allows manipulation of either the request URI, or control of whether the BIG-IP performs the proxy action.

Examples¶

Example 1: Simple Proxy Chaining

when HTTP_PROXY_REQUEST {
    if { not [HTTP::method] == "CONNECT" && [URI::host [HTTP::uri]] ends_with ".internal.domain.com" } {
          HTTP::proxy disable
          pool internal_proxy_3128
    } else {
          HTTP::proxy enable
    }
}

Example 2: Advanced Proxy Chaining & URI Rewriting

when HTTP_PROXY_REQUEST {
    log local0. "[HTTP::method] [HTTP::uri]"
    switch [string tolower [URI::host [HTTP::uri]]] {
        "www.google.com" {
             # send request to default pool (aka proxy-chaining)
             HTTP::proxy disable
         }
         "www.abc.com" {
             # change request to a different host - remains a proxy request
             HTTP::uri http://www.google.com/
         }
         "www.def.com" {
             # change request to a normal (not proxy) request - goes to the default pool
             HTTP::uri /def.html
          }
     }
}

when HTTP_REQUEST {
    log local0. "[HTTP::method] [HTTP::uri]"
}

Example 3: Proxy Chaining via Categorization (Requires either an SWG or URL Filtering Subscription)

when RULE_INIT {
    log local0. "Proxy Chain iRule"
    set static::Proxy_Chain_categories {
       /Common/Restaurants_and_Dining
    }
    set static::Proxy_Chain_debug 1
}

when HTTP_PROXY_REQUEST {
    set proxy_chain 0
    if { $static::Proxy_Chain_debug } { log local0. "URI: [HTTP::uri]" }

    # Check for a category match
    set reply [getfield [CATEGORY::lookup [HTTP::uri]] " " 1]
    if {[lsearch -exact $static::Proxy_Chain_categories $reply] >= 0}{
        if { $static::Proxy_Chain_debug } { log local0. "HIT: The category $reply should be bypassed for [HTTP::uri]" }
        set proxy_chain 1
    }

    # Check for a URI::host for HTTP connections
    if {[URI::host [HTTP::uri]] == "www.cariboucoffee.com"} {
        set proxy_chain 1
    }

    # Perform the prescibed action
    if { $proxy_chain } {
        if { $static::Proxy_Chain_debug } { log local0. "Proxy Chain: [HTTP::method] URI:[HTTP::uri]" }
        HTTP::proxy disable
        snat 10.10.1.10
        pool squid
    }
}

Related Information¶

Available Commands:

HTTP::uri - Returns or sets the URI part of the HTTP request.
pool - Causes the system to load balance traffic to the specified pool or pool member regardless of monitor status.

Warning

The links to the sample code below are remnants of the old DevCentral wiki and will result in a 404 error. For best results, please copy the link text and search the codeshare directly on DevCentral.

Sample Code:

Allow HTTP Explicit Proxy (11.5.1+) to handle shortname resolution - Support shortname hosts with an LTM 11.5.1+ explicit proxy profile.

Introduced: BIGIP-11.5.0

The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.

HTTP_PROXY_REQUEST¶

Description¶

Examples¶

Related Information¶