Nicholas Zurfluh


Copyright: Nicholas Zurfluh

A Clean up routine for bigip.conf

Wed, 21 Feb 2007 19:37:00 GMT

Here is a neat trick I stumbled across while doing some stream editing. This command removes all tabs and spaces before a new line:

sed -e 's/[[:blank:]]*$//' -e '/^$/ d'

(This command is as yet untested.) The second expression also deletes any lines that are left empty. This should keep those extra characters from causing the b load command to fail.

Keyword Marketing

Mon, 28 Aug 2006 14:33:00 GMT

I have found my initial foray into online marketing to be less than successful. It is odd what words people choose to find things online. The most obvious keywords do not necessarily result in the most clicks.

I recall a book I read entitled Selling the Invisible, which I highly recommend to anyone who sells consulting services.

After all of my efforts crafting the advertisements and honing keywords, I have received only one click. For all that work, it didn't even result in a conversion. Fortunately, as an engineer, I don't give up easily.


In case I forget again...

Wed, 28 Jun 2006 21:24:00 GMT

OpenSSL is a useful tool for troubleshooting issues with BIG-IP.

The syntax for creating a client connection is as follows:

openssl s_client -connect hostname:port


Big-IP Version 9.0.5 - syslog-ng remote logging

Tue, 07 Jun 2005 22:26:00 GMT

F5 has given me a sample configuration for the /etc/syslog-ng/syslog-ng.conf

Here is what you should add to the file for logging to a remote "loghost".

destination loghost {
       udp("remote_ip_of_server");
};

log {
        # a source(...) entry naming a source defined in this file belongs here
        destination(loghost);
};


Log Roller

Mon, 06 Jun 2005 15:56:00 GMT

My clients often request to use a syslog server for security notifications. It would be my preference to do this with Web services. In the meantime I will have to make do with syslog. Here is a page with a canned script for log rolling.

Correct the time with Big-IP ver. 4.5.9x

Mon, 01 Nov 2004 18:07:00 GMT

A simple technique to correct the date/time of a Big-IP. F5 will tell you to take your unit into single-user mode; this is not necessary. I have discovered that you can update the time of a standby unit in multiuser mode.

You can update the clock in multiuser mode with ntpdate.

Syntax: ntpdate -b (time server IP/FQDN)

Manual page for ntpdate:


NIST official publication

Thu, 09 Dec 2004 00:23:00 GMT

Some light reading, next time I want to deploy NTP.


Big-IP ver. 4.5.9 ECV of Siteminder protected sites

Thu, 09 Sep 2004 21:53:00 GMT

What are the criteria that constitute a meaningful ECV?

Would this be a page match for an authenticated user session?

If a simple content match on the home page is our goal, it would require that we authenticate through Siteminder or thwart it. Given my understanding of Siteminder, a script that authenticates a user would require an extended application verification script. This approach would exceed our ECV requirements.

An alternative would be to unprotect a page (if there is such an ability) and have Big-IP issue a GET request, thwarting the authentication. This would not tell us if the Siteminder elements are working, and there could be a scenario where Big-IP can retrieve a page while a user cannot authenticate.

What if a Siteminder referral response is good enough to consider a service available?

This can be done with an HTTP/1.1 request:

GET /index.html HTTP/1.1
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)
Host:
Connection: close

The receive string could be: $SM$http
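The check described above, written out as an added example (it is not from the original post and not F5's monitor code): it sends the same kind of request and marks the service up only when the response carries the Siteminder referral. The host names and the three sample responses are constructed, and searching the whole response for the receive string is an assumption about how the content check is applied.

```python
import socket

RECEIVE_STRING = "$SM$http"  # receive string from the post

def build_request(host, path="/index.html"):
    """Send string: an HTTP/1.1 GET that asks the server to close afterwards."""
    return (f"GET {path} HTTP/1.1\r\nHost: {host}\r\n"
            "Accept: */*\r\nConnection: close\r\n\r\n").encode("ascii")

def evaluate(raw):
    """Return (state, reason) for one raw HTTP response."""
    text = raw.decode("iso-8859-1")
    head, _, _body = text.partition("\r\n\r\n")
    lines = head.split("\r\n")
    parts = lines[0].split(" ", 2)
    status = int(parts[1]) if len(parts) > 1 and parts[1].isdigit() else None
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    if status in (301, 302, 303, 307) and RECEIVE_STRING in headers.get("location", ""):
        return "up", "Siteminder referral in Location header"
    if RECEIVE_STRING in text:
        return "up", "receive string found outside a redirect"
    # A plain 200 lands here too: the page was served without a referral,
    # so the check cannot confirm that the Siteminder agent is answering.
    return "down", f"no Siteminder referral (status {status})"

def probe(host, port=80, timeout=5.0):
    """Live check against a real server: send, read until close, evaluate."""
    with socket.create_connection((host, port), timeout=timeout) as conn:
        conn.sendall(build_request(host))
        chunks = []
        while (data := conn.recv(4096)):
            chunks.append(data)
    return evaluate(b"".join(chunks))

# Constructed sample responses (not captured from a real deployment).
REFERRAL = (b"HTTP/1.1 302 Found\r\n"
            b"Location: https://login.example.test/login.fcc"
            b"?TARGET=$SM$http%3a%2f%2fapp.example.test%2findex.html\r\n"
            b"Connection: close\r\n\r\n")
UNPROTECTED = b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html>Welcome</html>"
SERVER_ERROR = b"HTTP/1.1 500 Internal Server Error\r\nConnection: close\r\n\r\n"
```

A referral shows that the web server and the Siteminder agent answered; as the post notes, it does not show that a user can complete authentication.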


enable SNMP queries in Big-IP ver. 4.5.9

Wed, 29 Sep 2004 19:13:00 GMT

If you put a 32-bit host mask in your SNMP client allow list (hosts.allow), Big-IP will not respond. You must remove the host mask and leave an empty value unless your client is a network address.



Changing time in Big-IP 4.5.9 and BSD

Wed, 29 Sep 2004 18:39:00 GMT

Normally with BSD you are required to go into single user mode prior to changing the time.  I have discovered that you can use ntpdate to correct the time in multi-user mode (A.K.A. init level 2).

Poor man's Telecine

Mon, 13 Sep 2004 15:44:00 GMT

I found an excellent site that details various attempts at telecine. It is quite remarkable to see the result of the images produced by using a microscope and camera combination. I have used several of the devices that are featured on the site, so I can relate to some of the author's challenges. One thing that has always troubled my film scanning endeavors is the moving parts. Either the device moves the film or the scanner moves a CCD. The quality of the image is limited, in part, by the accuracy of the movement. The microscope/camera technique seems to overcome the moving CCD, assuming that the image is properly positioned at the time of the capture.

iRule that limits portal console access

Thu, 09 Sep 2004 22:11:00 GMT

Here are the requirements:

Deny access to HTTP requests that either contain /portal/console in the URI or contain one of the variables deemed suspicious, for all client requests other than those whose source address is in internal address space.


rule server_lock_down {
   if (http_uri matches_regex "/portal/console" and not one of internal_network_class) {
      redirect to "http://%h"
   }
   else if (http_content contains one of bad_variable_class and not one of internal_network_class) {
      redirect to "http://%h"
   }
   else {
      use pool x
   }
}


iRule that identifies LDAP v.2 read and write requests

Thu, 09 Sep 2004 20:58:00 GMT

The issue is that Vignette makes LDAP v.2 requests that are load balanced to a Master and a Consumer, both Sun Java System Directory Server 5.2. I must parse the transactions to identify "read" and "write" requests. Read requests may be sent to either server, while the write requests must be sent only to the Master LDAP server.

Read requests redirected to Master or Consumer LDAP server:

  • SearchRequest
  • CompareRequest


Write requests forwarded to Master LDAP server:

  • ModifyRequest
  • AddRequest
  • DelRequest
  • ModifyDNRequest


Operations common to both Master and Consumer LDAP servers:

  • BindRequest
  • UnbindRequest
  • AbandonRequest
  • ExtendedRequest
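One way to tell these operations apart on the wire, as an added example that is not from the original post: every LDAPMessage is a BER SEQUENCE holding a messageID INTEGER followed by the protocolOp, and the tag byte of the protocolOp identifies the operation. The sketch assumes one complete message at the start of the buffer, treats an unrecognised operation as a write so that it goes to the Master (a choice made here, not the post's), and uses constructed sample packets.

```python
READ, WRITE, COMMON = "read", "write", "common"

# BER tag byte of protocolOp (APPLICATION class) -> (name, class from the lists above)
OPS = {
    0x63: ("SearchRequest", READ),
    0x6E: ("CompareRequest", READ),
    0x66: ("ModifyRequest", WRITE),
    0x68: ("AddRequest", WRITE),
    0x4A: ("DelRequest", WRITE),
    0x6C: ("ModifyDNRequest", WRITE),
    0x60: ("BindRequest", COMMON),
    0x42: ("UnbindRequest", COMMON),
    0x50: ("AbandonRequest", COMMON),
    0x77: ("ExtendedRequest", COMMON),
}

def read_length(buf, pos):
    """Decode a BER length at buf[pos]; return (length, offset after it)."""
    if pos >= len(buf):
        raise ValueError("truncated before length")
    first, pos = buf[pos], pos + 1
    if first < 0x80:                       # short form
        return first, pos
    count = first & 0x7F                   # long form: count of length bytes
    if count == 0 or count > 4 or pos + count > len(buf):
        raise ValueError("unsupported or truncated BER length")
    return int.from_bytes(buf[pos:pos + count], "big"), pos + count

def classify(packet):
    """Return (message_id, operation_name, routing_class) for one LDAPMessage."""
    if len(packet) < 2 or packet[0] != 0x30:
        raise ValueError("not an LDAPMessage SEQUENCE")
    _, pos = read_length(packet, 1)
    if pos >= len(packet) or packet[pos] != 0x02:
        raise ValueError("messageID INTEGER expected")
    id_len, pos = read_length(packet, pos + 1)
    message_id = int.from_bytes(packet[pos:pos + id_len], "big")
    pos += id_len
    if pos >= len(packet):
        raise ValueError("truncated before protocolOp")
    name, kind = OPS.get(packet[pos], ("unknown", WRITE))  # unknown -> Master
    return message_id, name, kind

# Constructed sample packets (the search body is zero padding, not a real filter).
BIND_V2 = bytes.fromhex("300c020101600702010204008000")
SEARCH = bytes.fromhex("308180020102637b") + bytes(123)
DELETE = bytes.fromhex("30140201034a0f") + b"cn=a,dc=example"
```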

How Windows Media Services Works

Thu, 09 Sep 2004 22:24:00 GMT

Here are the details of the protocols.

Protocol rollover: How the server discovers the best protocol to initiate the stream.

Windows 2000 explanation of MMS with client side firewall.

The origins of the Web

Thu, 09 Sep 2004 22:16:00 GMT

As it turns out, Vannevar Bush didn't coin the phrase hypertext, although he lays out the concepts of the web in his column "As We May Think" for the Atlantic Monthly. Clearly a brilliant visionary, he even considers the problems we now face with i/o devices and logical abstraction.

Of note, it seems that Vannevar was a logical positivist. It is interesting to see the dilemma that has resulted in a now postmodern world that, in large part, is sceptical in regards to truth. The presuppositions of this article assume that facts would be the overriding drive behind the choices of one's logical progression.