F5 proc iRule

1. # Shared procedures
2. # Contact Tim Riker <Tim@Rikers.org> for changes
3.  
4. proc resetforwardhost {} {
5.     if {[HTTP::header exists X-Forwarded-Host]}{
6.         HTTP::header remove X-Forwarded-Host
7.     }
8.     HTTP::header insert X-Forwarded-Host [HTTP::host]
9. }
10.  
11. proc loglist {mylog} {
12.     upvar 1 $mylog log
13.     set list {}
14.     foreach key [lsort [array names log]] {
15.         if { ($log($key) contains " ") } {
16.             lappend list "$key=\"$log($key)\""
17.         } else {
18.             lappend list "$key=$log($key)"
19.         }
20.     }
21.     return $list
22. }
23.  
24. proc hsllog {mylog {hslname "hslname"} {hslpool "pool_splunk-syslog_lb"}} {
25.     upvar 1 $mylog log
26.     # https://tools.ietf.org/html/rfc5424 <local0.info>version rfc-3339time host procid msgid structured_data log
27.     set time [clock clicks -milliseconds]
28.     set output "<134>1 [clock format [string range $time 0 end-3] -gmt 1 -format %Y-%m-%dT%H:%M:%S.[string range $time end-2 end]+00:00] [getfield [info hostname] "." 1] $hslname [TMM::cmp_group].[TMM::cmp_unit] - "
29.     append output [join [call /Common/proc::loglist log] " "]
30.     HSL::send [HSL::open -proto UDP -pool $hslpool] $output
31. }
32.  
33. proc errorpage {code mylog {title ""} {erroruri ""} {page "/Common/error.html"}} {
34.     upvar 1 $mylog log
35.     if { $title == "" } {
36.         set title $log(reason)
37.     }
38.     if { $erroruri == "" } {
39.         catch { set erroruri "https://${log(http_host)}${log(http_uri)}" }
40.     }
41.     set text [join [call /Common/proc::loglist log] "<br>"]
42.     set error_page [string map [list TITLE "$title" ERRORURI "[URI::encode $erroruri]" TEXT $text] [ifile get $page]]
43.     HTTP::respond $code content $error_page "Content-Type" "text/html; charset=utf-8" Virtual-Name [virtual name] Connection close
44.     event disable
45.     return
46. }
47.  
48. proc whitelist {datagroup {hslpool "pool_splunk-syslog_lb"}} {
49.     if { not [class match [IP::client_addr] equals $datagroup] } {
50.         set log(virtual_name) "[virtual name]"
51.         set log(datagroup) $datagroup
52.         set log(reason) "Not Available"
53.         set log(client_addr) [IP::client_addr]
54.         set log(client_port) [TCP::client_port]
55.         set log(http_host) [HTTP::host]
56.         set log(http_uri) [HTTP::uri]
57.         set log(virtual_name) [virtual name]
58.         call /Common/proc::hsllog log whitelist $hslpool
59.         call /Common/proc::errorpage 403 log
60.     }
61. }
62.  
63. proc blacklist {datagroup {hslpool "pool_splunk-syslog_lb"}} {
64.     if { [class match [IP::client_addr] equals $datagroup] } {
65.         set log(virtual_name) "[virtual name]"
66.         set log(datagroup) $datagroup
67.         set log(reason) "Not Available"
68.         set log(client_addr) [IP::client_addr]
69.         set log(client_port) [TCP::client_port]
70.         set log(http_host) [HTTP::host]
71.         set log(http_uri) [HTTP::uri]
72.         set log(virtual_name) [virtual name]
73.         call /Common/proc::hsllog log blacklist $hslpool
74.         call /Common/proc::errorpage 403 log
75.     }
76. }