Learn how to logically plan and write iRules to help monitor and manage common traffic processing tasks on the BIG-IP system. Explore events, functions, commands, variables, operators, and other elements for mastering iRule development. Gain practical experience through hands-on labs using control structures for conditional branching and looping, mastering spacing, grouping, special symbols, and implementing recommended practices for efficiency. Complete additional skill-building exercises incorporating advanced variables, including arrays, static variables, and session tables.

Reference real-world examples extensively, including securing web applications with iRules by preventing common attacks which can abuse HTTP, securing HTTP headers and cookies, and implementing HTTP strict transport security. Develop skills working with strings, including Tcl parsing commands and other parsing functions. Delve into advanced topics such as using iRules with universal persistence and stream profiles, gathering statistics using STATS and ISTATS, and different methods for accessing, manipulating, and selectively applying compression to HTTP traffic.

This course is intended for system administrators, network administrators and application developers responsible for the customization of traffic flow through a BIG-IP system using iRules.

Students must complete one of the following F5 prerequisites before attending this course:
• Administering BIG-IP (ILT)
• F5 Certified BIG-IP Administrator

Suggested Prework

The following free Self-Directed Training (SDT) courses, although optional, are helpful for any student with limited BIG-IP administration and configuration experience:
• Getting Started with BIG-IP
• Getting Started with Local Traffic Manager (LTM)
General network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course, including OSI model encapsulation, routing and switching, Ethernet and ARP, TCP/IP concepts, IP addressing and subnetting, NAT and private IP addressing, NAT and private IP addressing, default gateway, network firewalls, and LAN vs. WAN.
The following course-specific knowledge and experience is suggested before attending this course:
• HTTP protocol
• Any programming language

Chapter 1: Introducing the BIG-IP System
• Introducing the BIG-IP System
• Initially Setting Up the BIG-IP System
• Archiving the BIG-IP Configuration
• Leveraging F5 Support Resources and Tools
Chapter 2: Getting Started with iRules
• Customizing Application Delivery with iRules
• Triggering an iRule
• Leveraging the DevCentral Ecosystem
• Creating and Deploying iRules
Chapter 3: Exploring iRule Elements
• Introducing iRule Constructs
• Understanding iRule Events and Event Context
• Working with iRule Commands
• Logging from an iRule Using SYSLOG-NG (LOG Command)
• Working with User-Defined Variables
• Working with Operators and Data Types
• Working with Conditional Control Structures (IF and SWITCH)
• Incorporating Best Practices in iRules
Chapter 4: Developing and Troubleshooting iRules
• Mastering Whitespace and Special Symbols
• Grouping Strings
• Developing and Troubleshooting Tips
• Using Fiddler to Test and Troubleshoot iRules
Chapter 5: Optimizing iRule Execution
• Understanding the Need for Efficiency
• Measure iRule Runtime Efficiency Using Timing Statistics
• Modularizing iRules for Administrative Efficiency
• Using Procedures to Modularize Code
• Optimizing Logging
• Using High-Speed Logging Commands in an iRule
• Implementing Other Efficiencies
• Using Looping Control Structures (WHILE, FOR, FOREACH Commands)
Chapter 6: Securing Web Applications with iRules
• Integrating iRules into Web Application Defense
• Mitigating HTTP Version Attacks
• Mitigating Path Traversal Attacks
• Using iRules to Defends Against Cross-Site Request Forgery (CSRF)
• Mitigating HTTP Method Vulnerabilities
• Securing HTTP Cookies with iRules
• Adding HTTP Security Headers
• Removing Undesirable HTTP Headers
Chapter 7: Working with Numbers and Strings
• Understanding Number Forms and Notation
• Working with Strings (STRING and SCAN Commands)
• Combining Strings (Adjacent Variables, CONCAT and APPEND Commands)
• Using iRule String Parsing Functions (FINDSTR, GETFIELD, and SUBSTR Commands)
Chapter 8: Processing the HTTP Payload
• Reviewing HTTP Headers and Commands
• Introducing iRule HTTP Header Commands
• Accessing and Manipulating HTTP Headers (HTTP::header Commands)
• Other HTTP commands (HTTP::host, HTTP::status, HTTP::is_keepalive, HTTP::method, HTTP::version, HTTP::redirect, HTTP::respond, HTTP::uri)
• Parsing the HTTP URI (URI::path, URI::basename, URI::query)
• Parsing Cookies with HTTP::cookie
• Selectively Compressing HTTP Data (COMPRESS Command)

Chapter 9: Working with iFiles and Data Groups
• Working with iFiles
• Introducing Data Groups
• Working with New Format Data Groups (CLASS MATCH, CLASS SEARCH)
Chapter 10: Using iRules with Universal Persistence, Stream, and Statistics Profiles
• Implementing Universal Persistence (PERSIST UIE Command)
• Working with the Stream Profile (STREAM Command)
• Collecting Statistics Using a Statistics Profile (STATS Command)
• Collecting Statistics Using iStats (ISTATS Command)
Chapter 11: Incorporating Advanced Variables
• Reviewing the Local Variable Namespace
• Working with Arrays (ARRAY Command)
• Using Static and Global Variables
• Using the Session Table (TABLE Command)
• Processing Session Table Subtables
• Counting “Things” Using the Session Table