Topic: HTTP Methods RPC_IN_DATA and RPC_OUT_DATA (Read 4609 times)

jmelika · « **on:** July 04, 2008, 09:48:51 AM »

NetScaler v 7 build 51.

I was trying to setup a policy on my network to drop all HTTP requests that are neither GET nor POST. That was easy. I ran into a problem since my Exchange environment required HTTP Methods RPC_IN_DATA and RPC_OUT_DATA for Outlook Anywhere (formerly known as RPC over HTTP/S). When I tried to add those impressions to the policy to permit them as well, I get invalid policy rule error. It looks like the NetScaler is hardcoded with what methods there are, and those two ones are missing.

JM

TheOracle · « **Reply #1 on:** July 08, 2008, 08:59:49 AM »

What feature were you using to do this, CF? If so, try using responder to do this, as you can drop requests with it as well.

The Oracle

jmelika · « **Reply #2 on:** July 08, 2008, 11:52:20 AM »

I am using Protection Features/Filter. How come I don't have responder as an option? Is is in 8.0+?

JM

danm · « **Reply #3 on:** July 11, 2008, 09:35:42 AM »

Quote from: jmelika on July 08, 2008, 11:52:20 AM

I am using Protection Features/Filter. How come I don't have responder as an option? Is is in 8.0+?

JM

Yes. It's 8.0+ and you have to enable it.

>enable ns feature RESPONDER

> show ns feature
Feature status:

Responder: ON

Done

jmelika · « **Reply #4 on:** July 11, 2008, 09:49:07 AM »

bummer. I can't upgrade to v8 yet.

The bug still remains though in v7. Can someone attempt it in v8 for me please and report the results?

Thanks!
JM

TheOracle · « **Reply #5 on:** July 13, 2008, 10:13:50 AM »

I thought that at one point it had required a "well known" method to be configured, but had been removed as a requirement. Now it may be a limit on the size of the method, as it may be assuming that the method string is shorter than a given value. If so, try using something like XYZ and if it works, then this is the issue.

The Oracle

jmelika · « **Reply #6 on:** July 14, 2008, 10:06:37 AM »

Oracle, I just tried REQ.HTTP.METHOD != XYZ and I still received the Invalid Rule error. I think it has to do with preset rules.

TheOracle · « **Reply #7 on:** July 28, 2008, 07:26:19 AM »

Try this:

add rewrite policy drop_invalid_method "!(HTTP.REQ.METHOD.EQ(\"GET\")||HTTP.REQ.METHOD.EQ(\"POST\")||HTTP.REQ.METHOD.EQ(\"RPC_IN_DATA\")||HTTP.REQ.METHOD.EQ(\"RCP_OUT_DATA\"))" RESET

This bound as a request policy should do the job as well.

The Oracle

Netscaler Knowledgebase

News:

Author Topic: HTTP Methods RPC_IN_DATA and RPC_OUT_DATA (Read 4609 times)

jmelika

HTTP Methods RPC_IN_DATA and RPC_OUT_DATA

TheOracle

Re: HTTP Methods RPC_IN_DATA and RPC_OUT_DATA

jmelika

Re: HTTP Methods RPC_IN_DATA and RPC_OUT_DATA

danm

Re: HTTP Methods RPC_IN_DATA and RPC_OUT_DATA

jmelika

Re: HTTP Methods RPC_IN_DATA and RPC_OUT_DATA

TheOracle

Re: HTTP Methods RPC_IN_DATA and RPC_OUT_DATA

jmelika

Re: HTTP Methods RPC_IN_DATA and RPC_OUT_DATA

TheOracle

Re: HTTP Methods RPC_IN_DATA and RPC_OUT_DATA