In September and October of 2016, a new botnet appeared comprised of DVRs, closed-circuit TVs and other devices using the BusyBox embedded OS. The bot code, however, contains a flaw that can result in a bot segfault when a specially-crafted Location header is sent back to it.
At the time of this writing, no known fingerprints for the Mirai botnet exist. However, Mirai only attacks a single URI at a time, so the iRule watches for this and sends back the specially-crafted location header only if a client requests the same URI ten times in ten seconds. This is a crude detection mechanism and might interfere with legitimate clients (such as an API poll). So use at your discretion.
Is it possible to edit this irule for all url not only a url?i think than this will be work likes web scrabing in asm .