fir3net
PPS-Firenetbanner-780.5x190-30-03-17

Brocade ADX - Content Switching Rewrite

A typical issue when SSL termination is performed on the load balancer is that URL redirects from the backend servers still contain a 'http://' prefix rather then 'https://'

Within this article we will show the required commands for creating a Content Switching Policy that will rewrite any URL`s containing a 'http://' prefix to 'https://' for traffic originating from the backend servers. This is also known as a reverse rewrite.

CSW Rule

csw-rule "bodyhttp" response-body pattern "http://"
csw rule "redirection" response-header "Location" pattern "http://"
csw-rule "responsestatus" reponse-status-code 301 302
csw-rule "urlexists" url exists

CSW Policy

csw-policy "rewritehttp" type reponse-rewrite
  match "urlexists" response-body-rewrite
  match "responsestatus" reponse-header-rewrite
  match "rediretlocation" rewrite response-header-replace "https://" offset 0 length 7
  match "bodyhttp" rewrite reponse-body-replace "https://" offset 0 length 7

Assign to Virtual Server

server virtual XXX
  port ssl response-rewrite-policy "rewritehttp"

About the Author

RDonato

R Donato

Rick Donato is the Founder and Chief Editor of Fir3net.com. He currently works as a Principal Network Security Engineer and has a keen interest in automation and the cloud.

You can find Rick on Twitter @f3lix001