AltostratusAPM - change CONNECT to GET to trigger per request policy
Hi,
I wonder if this is at all possible to trick APM when CONNECT type of request is received to trigger Per Request Policy (PRP).
According to my test on v13.0.0HF2 no matter what I will do when VS with Access Policy and PRP policy is receiving CONNECT request PRP is not triggered at all - probably by design, but maybe it's a bug?
I would like to be able to use PRP objects to perform URL Filtering (based on target host FQDN) for CONNECT requests.
I think - but it's just theory - that if I would be able to use iRule to change CONNECT HTTP/1.1 to GET http://www.host.com HTTP/1.1 then PRP would launch and do URL filtering stuff.
Unfortunately my skills in iRule programing is rather limited so I will appreciate any help here.
I suspect that maybe there is a way to use when CLIENT_CONNECTED and when CLIENT_DATA to detect CONNECT request, store is in table, change to GET and trick AMP to process it via PRP.
Would it be possible?
It's as well heavily related to be able to pass CONNECT request to another proxy after validating if host reported in CONNECT is allowed by PRP.
Piotr