STREAM::enable¶
Description¶
Enables the stream filter for the life of the current TCP flow or until disabled with STREAM::disable. You must precede this command with a STREAM::expression command. The virtual server must have a Stream Profile attached (the default Stream Profile
/Common/stream
is sufficient).
Syntax¶
STREAM::enable
STREAM::enable¶
- Enables the stream filter for the life of the current TCP flow or until disabled with STREAM::disable. You must precede this command with a STREAM::expression command.
Configuration requirements:
1. The virtual server must have a Stream Profile attached. The default
Stream Profile
/Common/stream
is sufficient.
2. (The following restriction is completely obsolete.) For TMOS
version 9.4.0 and all previous (older) versions, you must force BIG-IP
to use chunking and therefore remove the response content length
header. This can be done by applying a custom HTTP profile to the
virtual server with Response Chunking set to “Rechunk”. (See
SOL6422
for details.)
3. The stream profile can have different states (enabled vs disabled)
on each side of the connection. Calling STREAM::enable in HTTP_REQUEST
will apply the stream profile to the client-side for HTTP requests
coming in towards the server. Calling STREAM::enable in HTTP_RESPONSE
will apply the stream profile on the server-side for HTTP responses
going out towards the client.
Version Specific Notes¶
LTM 9.2 - 9.2.4 | The Stream filter uses TCL to parse and replace data. TCL has a 4Mb limit for a single allocation or connection. When this limit is exceeded, TMM will crash. See AskF5 SOL6741 (CR55382 and CR70146) for details and a workaround. This issue was resolved in 9.2.5, 9.3 and 9.4+ |
LTM 9.3.1+, 9.4.2+ | STREAM::enable must be called after STREAM::expression. See CR79374 |
Examples¶
See the STREAM::expression page for
additional examples.
when HTTP_REQUEST {
# Explicitly disable the stream profile for each client-side request so it doesn't stay
# enabled for subsequent HTTP requests on the same TCP connection.
STREAM::disable
}
when HTTP_RESPONSE {
# Explicitly disable the stream profile for each server-side response so it doesn't stay
# enabled for subsequent HTTP responses on the same TCP connection.
STREAM::disable
# Apply stream profile against text responses from the application
if { [HTTP::header value Content-Type] contains "text" }{
# Look for http:// and replace it with https://
STREAM::expression {@http://@https://@}
# Enable the stream profile
STREAM::enable
}
}
# This section only logs matches, and should be removed before using the rule in production.
when STREAM_MATCHED {
log local0. "Matched: [STREAM::match]"
}
If you only want to replace some http:// links with https://, you can specify a more complex regular expression in the ‘find’ portion of the STREAM::expression. For example, to match all http:// links except http://schemas.microsoft.com/intellisense/ie5, you can use a negative look behind in the regex:
http:(?!//schemas\.microsoft\.com/intellisense/ie5)