It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Load Balancer ADC

Understanding HTTP Rewrite Rules

  • Last updated on
Website translation is used to set a variety of address translation rules for application-specific packets sent through the Barracuda Load Balancer ADC. It translates the internal codes, headers, and cookies so that the actual message is concealed from external users. Using website translation, you can accomplish website cloaking and translation of URLs and headers in requests or responses.

Use the TRAFFIC > Web Translations page to create rules to modify inbound HTTP requests and outbound responses for HTTP/HTTPS Services. From this page you can:
  • Create rewrite rules to modify incoming HTTP request headers and URLs
  • Create rewrite rules to modify outbound HTTP response headers
  • Create rules to rewrite any text string in an outbound HTTP response body

HTTP Request Rewrite Conditions

An HTTP request rewrite is applied to the HTTP request coming from the client to the Barracuda Load Balancer ADC. A request rewrite condition is made up of one or more expressions. An expression consists of an operand, an operator, and a matching value.

 

Table 1. HTTP Request Rewrite Operators

Table 1 describes the operators you can use in the request rewrite condition expression:

Operator Values Description
contains, CONTAINS, co, CO Checks if the operand contains the matching value.
ncontains, nCONTAINS, nco, nCO Checks if the operand does not contain the matching value.
rcontains, rCONTAINS, rco, rC Checks if the operand contains the matching value, where the matching value is interpreted as a regular expression.
equals, EQUALS, eq, E Checks if the operand is equal to the matching value.
nequals, nEQUALS, neq, nEQ Checks if the operand is not equal to the matching value.
requals, rEQUALS, req, rE Checks if the operand is equal to the matching value, where the matching value is interpreted as a regular expression.
exists, EXISTS, ex, EX Checks if the operand exists. No matching value is required.
nexists, nEXISTS, nex, nEX Checks if the operand does not exist. No matching value is required.

 

Table 2. HTTP Response Rewrite Expression Tokens

Table 2 describes the tokens available for joining expressions:

Token Description
or, OR, || Checks if either of the expressions is true.
and, AND, & Checks if both the expressions are true.
( ) Use parentheses to group together multiple expressions.

 

Table 3. HTTP Response Rewrite Expression Operands

Table 3 describes the possible operands for the expression; all keywords are case insensitive:

Operands Description Example
Header

Examine the request header. You can search for a header field name, which is a string followed by a colon (:), or for any string. To search for HTTP or custom header field names, type Header followed by the header field name. The header field name to be examined may be a string (e.g. user-agent, accept) or a wildcard (to examine all headers).

To search for any string in the header area, enter that string without the keyword. In all of these cases, the matching value may be a regular expression.

  • Header Accept co soap
  • Header Soap-Action ex
  • AnyString EX
Client IP Check the IP address of the client that sent the request. The IP address can be either the host IP address or subnet IP address specified by a mask. Only the EQUAL and NOT EQUAL operators may be used with this operand
  • Client-IP eq 192.168.1.0/24 (subnet IP address containing the mask)
  • Client-IP eq 192.168.1.10 (host IP address)
URI  The Uniform Resource Identifier (URI) identifies the resource upon which to apply the request. The matching value may be a regular expression.
  • URI rco /abc*html
Method HTTP method in the request.
  • Method eq GET
HTTP-Version HTTP protocol version of the request.
  • HTTP-Version eq HTTP/1.1
Parameter The query portion of the URL which is passed to the server as a name-value pair. $NONAME_PARAM may be used to refer to the case where the parameter name is absent. The matching value may be a regular expression.
  • Parameter sid eq 1234
  • Parameter $NONAME_PARAM co abcd
Pathinfo The portion of URL containing extra information about the path of the resource on the server. The matching value may be a regular expression.
  • pathinfo rco abc*

 

HTTP Response Rewrite Conditions

A response rewrite condition is made up of one or more expressions consisting of an operand, an operator, and a matching value.

 

An HTTP Response rewrite is applied to the HTTP response going out from the servers to the client through the Barracuda Load Balancer ADC.


Table 4. HTTP Response Rewrite Expression Operators

Table 4 describes the operators you can use in the response rewrite condition expression:

 

Operator Values Description
contains, CONTAINS, co, CO Checks if the operand contains the matching value.
ncontains, nCONTAINS, nco, nCO Checks if the operand does not contain the matching value.
rcontains, rCONTAINS, rco, rC Checks if the operand contains the matching value, where the matching value is interpreted as a regular expression.
equals, EQUALS, eq, E Checks if the operand is equal to the matching value.
nequals, nEQUALS, neq, nEQ Checks if the operand is not equal to the matching value.
requals, rEQUALS, req, rE Checks if the operand is equal to the matching value, where the matching value is interpreted as a regular expression.
exists, EXISTS, ex, EX Checks if the operand exists. No matching value is required.
nexists, nEXISTS, nex, nEX Checks if the operand does not exist. No matching value is required.


Table 5. HTTP Response Rewrite Expression Tokens

Table 5 describes the expressions available for joining expressions:

Token Description
or, OR, || Checks if either of the expressions is true.
and, AND, & Checks if both the expressions are true.
( ) Use parentheses to group together multiple expressions.

 

Table 6. HTTP Response Rewrite Expression Operands

Table 6 describes the possible operands for the expression; all keywords are case insensitive:

Operands Description Example
Header

Examine the request header. You can search for a header field name, which is a string followed by a colon (:), or for any string. To search for HTTP or custom header field names, type Header followed by the header field name. The header field name to be examined may be a string (e.g. user-agent, accept) or a wildcard (to examine all headers).

To search for any string in the header area, enter that string without the keyword. In all of these cases, the matching value may be a regular expression.

  • Header Accept co soap
  • Header Soap-Action ex
  • AnyString EX
Response-Header Examine the header of the response. You can search for a header field name, which is a string followed by a colon (:), or for any string. 

To search for HTTP or custom header field names, type Response-Header followed by the header field name. The header field name to be examined may be a string (e.g. user-agent, accept) or a wildcard (to examine all headers). 

To search for any string in the header area, enter that string without the keyword. In all of these cases, the matching value may be a regular expression.
  • Response-Header Set-Cookie co sessionid
Status-Code Checks the status code of the response returned by the server.
  • Status-Code eq 200

Response Body Rewrite

You can create rules for searching and replacing any string in the body of outbound responses. Only responses where the content-type begins with text/ (text/html, text/plain, text/javascript, text/css, text/xml) are searched, not flash or applet content. Table 7 lists the response body rewrite values.

Search and replace strings must be text; regular expressions cannot be used. Additionally, because meta-characters such as \r or \n cannot be used, you cannot search and replace any multi-byte character set strings.


Table 7. Response Body Rewrite Values

Table 7 describes the Response Body Rewrite Rule fields:

Field Name Description
Rule Name Enter a name to identify the rule.
Rule Order If there is more than one rule, enter the order of execution; the range is 1 to 128 with '1' executed first.
Host Match

Enter a value matching the Hostname field in the request header. This value can identify a specific host or it can be a wildcard match with a single asterisk (*) anywhere in the hostname, for example:

  • *
  • *.abc.com
  • www.abc.com
URL Match Enter a value matching the URL field in the request header. The URL Match must start with a slash (/) and can have only one asterisk (*) anywhere in the URL. A value of /* means that the ACL applies for all URLs in that domain. For example:
  • /*
  • /index.html
  • /public/index.html
Search String Enter the text string on which to search in the response body.
Replace String Enter the replacement text string.

 

 

For a Response Body Rewrite example, refer to the article Example - Using Response Body Rewrite to Enable Web Sites for Google Analytics .