====== F5 ======

Info related to F5 BIG-IP Load Balancers.

----

===== tmsh =====

====Disable paging====

For a single command you can use ''tmsh -q''. For a permanent change use ''tmsh modify cli preference pager (disabled|enabled)''.

====List pools that contain a member====

  # node_hostname and node_ip are shell variables; double quotes let the shell expand them
  tmsh -q list ltm pool one-line | grep -E "($node_hostname|$node_ip)" | awk '{ print $3 }'

Create node:

  create ltm node NODE_NAME address NODE_IPADDRESS monitor icmp

Modify or create pool:

  modify ltm pool POOL_NAME members add { NODE_NAME:PORT NODE_NAME:PORT }
  create ltm pool POOL_NAME members add { NODE_NAME:PORT NODE_NAME:PORT } monitor tcp_half_open
  show ltm pool POOL_NAME members | grep MEMBER

----

====Find the virtual servers using an SSL profile====

  tmsh list /ltm virtual /Partition/* | grep -E "virtual|SSL_PROFILE_NAME"
  ltm virtual /Partition/VIRTUAL_SERVER_01 {
  ltm virtual /Partition/VIRTUAL_SERVER_02 {
  ltm virtual /Partition/VIRTUAL_SERVER_03 {
  ltm virtual /Partition/VIRTUAL_SERVER_04 {
          /Partition/SSL_PROFILE_NAME {
  ltm virtual /Partition/VIRTUAL_SERVER_05 {
  ltm virtual /Partition/VIRTUAL_SERVER_06 {
  ltm virtual /Partition/VIRTUAL_SERVER_07 {
          /Partition/SSL_PROFILE_NAME {
  ltm virtual /Partition/VIRTUAL_SERVER_08 {
          /Partition/SSL_PROFILE_NAME_BONUS {
  ltm virtual /Partition/VIRTUAL_SERVER_09 {

The virtuals followed by the indented profile name are the ones using that profile.
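
An added example, not part of the original page: grep matches substrings, so a stricter way to answer the same question is to parse the listing and compare profile names exactly. It assumes the brace-delimited layout with a ''profiles { ... }'' block per virtual; the function names and the sample config are constructed for illustration.

```shell
# Constructed sample of `tmsh list ltm virtual` output (not from a real device).
sample_config() {
cat <<'EOF'
ltm virtual /Partition/VIRTUAL_SERVER_04 {
    profiles {
        /Common/tcp { }
        /Partition/SSL_PROFILE_NAME {
            context clientside
        }
    }
}
ltm virtual /Partition/VIRTUAL_SERVER_08 {
    profiles {
        /Partition/SSL_PROFILE_NAME_BONUS {
            context clientside
        }
    }
}
ltm virtual /Partition/VIRTUAL_SERVER_09 {
    profiles {
        /Common/http { }
    }
}
EOF
}

# Read a virtual server listing on stdin and print each virtual whose
# profiles block contains exactly the profile named in $1 (hypothetical helper).
vs_using_profile() {
    awk -v want="$1" '
        # New virtual: remember its name and reset the brace tracking.
        $1 == "ltm" && $2 == "virtual" { vs = $3; depth = 0; in_prof = 0 }
        # Exact token comparison, only inside the profiles block.
        in_prof && $1 == want && $2 == "{" { print vs }
        $1 == "profiles" && $2 == "{" { in_prof = 1; pdepth = depth }
        {
            for (i = 1; i <= NF; i++) {
                if ($i == "{") depth++
                else if ($i == "}") depth--
            }
            # Leaving the profiles block once depth falls back to its level.
            if (in_prof && depth <= pdepth) in_prof = 0
        }
    '
}

# Demo on the constructed sample: prints only VIRTUAL_SERVER_04.
sample_config | vs_using_profile /Partition/SSL_PROFILE_NAME
```

On a BIG-IP, pipe the listing from the command above into it instead of the sample: ''tmsh -q list /ltm virtual /Partition/* | vs_using_profile /Partition/SSL_PROFILE_NAME''.
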

**Note:** The grep can also turn up other profiles that match, like the one named SSL_PROFILE_NAME_BONUS in the example output.

----

====Show TCP connections====

[[https://support.f5.com/csp/article/K53851362|K53851362: Displaying and deleting BIG-IP connection table entries from the command line]]

Show TCP connections to VS 1.2.3.4:

  tmsh show sys connection {cs-server-addr 1.2.3.4 protocol tcp}

Show connections to a pool member on port 443:

  tmsh show sys connection {ss-server-addr 1.2.3.4 ss-server-port 443}

Count connections to a pool member:

  tmsh -q show sys connection {ss-server-addr 1.2.3.4} | awk -F ":" '{print $1}' | sort -u | wc -l

====Clear TCP connections to a VS====

Same as above but "delete" instead of "show".

----

===== Misc =====

A command that F5 wanted run when a box had high CPU.

  ps aux > ~/$(cat /proc/sys/kernel/hostname | cut -d'.' -f1)_ps.txt

==== SSL Troubleshooting ====

  curl -k https://URL_OR_IP/
  curl -iv https://URL_OR_IP/
  openssl s_client -connect URL_OR_IP:443 -prexit

----

===== iRules =====

==== Date Format ====

http://www.tcl.tk/man/tcl8.4/TclCmd/clock.htm

  set var [clock format [clock seconds] -format {%d-%m-%y:%H:%M:%S %Z}]
  11-08-14:00:49:41 PDT
  
  set var [clock format [clock seconds] -format {%d/%b/%Y:%H:%M:%S %z}]
  11/Aug/2014:13:35:34 -0700

Note: The second option is CLF (Common Log Format), which is used in [[https://httpd.apache.org/docs/2.4/logs.html|Apache's access logs]].

====Displaying all IP addresses in the BIG-IP configuration====

[[https://support.f5.com/csp/article/K34314310|K34314310: Displaying all IP addresses in the BIG-IP configuration]]

  show /sys ip-address
  show /sys ip-address all-properties

====Map from CLI====

List all the VS and Pool members in one command. It's not quite the Map but it's close enough.

  tmsh list ltm virtual all-properties one-line |
    perl -ne '($vs) = /ltm virtual (\S+)/; ($dest) = / destination (\S+)/; ($pool) = / pool (\S+)/; { print "$vs $dest $pool\n" }' |
    (while read vs dest pool; do
      members=$(tmsh list ltm pool $pool members | perl -ne 'if (/^ (\S+) {/) {print "$1\t" } elsif (/ address (\S+)/) { print "$1\t" }')
      echo $vs $dest $pool $members
    done) > /var/tmp/virtuals.csv