Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters
Answers

ASM IP Address Exception API Question

I am trying to automate the adding of an ip address to the IP Address Exception in an ASM Policy. In the JSON data, I can't out how to get the "Block this IP Address" field to say "Never Block this IP". I think the JSON field is neverBlockRequests. Does anyone know what the correct format for the JSON would be to get the "Block this IP Address" field to say "Never Block this IP"?

{ "ignoreIpReputation": false, "ignoreAnomalies": false, "neverLogRequests": false, "ipAddress": "{{ ipaddressvar }}", "description": "{{ descriptionvar }}", "neverLearnRequests": false, "ipMask": "255.255.255.255", "trustedByPolicyBuilder": true, "neverBlockRequests": false }

0
Rate this Question
Comments on this Question
Comment made 2 months ago by Glen Pekarcsik 11

thank you. this worked for me.

0

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

You need to send the setting as "blockRequests"

Enum:

always policy-default never

Example:

$ curl -sku admin:admin https://${BIGIP_MGMT}/mgmt/tm/asm/policies/iI4FhL_muTcQH4SsZhJiCQ/whitelist-ips/2Y_eGBP7g7PpbkqZ-iKz6Q |jq .
{
  "ignoreIpReputation": false,
  "blockRequests": "policy-default",
  "ignoreAnomalies": false,
  "neverLogRequests": false,
  "ipAddress": "1.1.1.1",
  "lastUpdateMicros": 1542658445000000,
  "description": "",
  "kind": "tm:asm:policies:whitelist-ips:whitelist-ipstate",
  "neverLearnRequests": false,
  "selfLink": "https://localhost/mgmt/tm/asm/policies/iI4FhL_muTcQH4SsZhJiCQ/whitelist-ips/2Y_eGBP7g7PpbkqZ-iKz6Q?ver=14.0.0",
  "ipMask": "255.255.255.255",
  "id": "2Y_eGBP7g7PpbkqZ-iKz6Q",
  "trustedByPolicyBuilder": false
}

Image Text

Then we change the "blockRequests" setting to "never"

$ curl -sku admin:admin https://${BIGIP_MGMT}/mgmt/tm/asm/policies/iI4FhL_muTcQH4SsZhJiCQ/whitelist-ips/2Y_eGBP7g7PpbkqZ-iKz6Q -X PATCH -d '{"blockRequests": "never"}'| jq .
{
  "ignoreIpReputation": false,
  "blockRequests": "never",
  "ignoreAnomalies": false,
  "neverLogRequests": false,
  "ipAddress": "1.1.1.1",
  "lastUpdateMicros": 1542658535000000,
  "description": "",
  "kind": "tm:asm:policies:whitelist-ips:whitelist-ipstate",
  "neverLearnRequests": false,
  "selfLink": "https://localhost/mgmt/tm/asm/policies/iI4FhL_muTcQH4SsZhJiCQ/whitelist-ips/2Y_eGBP7g7PpbkqZ-iKz6Q?ver=14.0.0",
  "ipMask": "255.255.255.255",
  "id": "2Y_eGBP7g7PpbkqZ-iKz6Q",
  "trustedByPolicyBuilder": false
}

Image Text

0
Comments on this Answer
Comment made 3 months ago by Wackitron 75

@suttonsc in the uri I know that after policies, we have the policy hash. But how about the other unique no. right after the whitelist-ips? Can you shed some light on this uri part after the whitelist-ips

0
Comment made 2 months ago by suttonsc

The second unique no. is the specific whitelist ip ID, this can be seen in the "id" and "selfLink" fields.


$ curl -sku admin:admin https://${BIGIP_MGMT}/mgmt/tm/asm/policies/iI4FhL_muTcQH4SsZhJiCQ/whitelist-ips | jq .
{
  "kind": "tm:asm:policies:whitelist-ips:whitelist-ipcollectionstate",
  "selfLink": "https://localhost/mgmt/tm/asm/policies/iI4FhL_muTcQH4SsZhJiCQ/whitelist-ips?ver=14.0.0",
  "totalItems": 3,
  "items": [
    {
      "ignoreIpReputation": false,
      "blockRequests": "never",
      "ignoreAnomalies": false,
      "neverLogRequests": false,
      "ipAddress": "1.1.1.1",
      "lastUpdateMicros": 1542658535000000,
      "description": "",
      "kind": "tm:asm:policies:whitelist-ips:whitelist-ipstate",
      "neverLearnRequests": false,
      "selfLink": "https://localhost/mgmt/tm/asm/policies/iI4FhL_muTcQH4SsZhJiCQ/whitelist-ips/2Y_eGBP7g7PpbkqZ-iKz6Q?ver=14.0.0",
      "ipMask": "255.255.255.255",
      "id": "2Y_eGBP7g7PpbkqZ-iKz6Q",      <<<<< Unique ID also listed in the selfLink
      "trustedByPolicyBuilder": false
    },
    {
      "ignoreIpReputation": false,
      "blockRequests": "policy-default",
      "ignoreAnomalies": false,
      "neverLogRequests": false,
      "ipAddress": "1.1.1.2",
      "lastUpdateMicros": 1543340616000000,
      "description": "",
      "kind": "tm:asm:policies:whitelist-ips:whitelist-ipstate",
      "neverLearnRequests": false,
      "selfLink": "https://localhost/mgmt/tm/asm/policies/iI4FhL_muTcQH4SsZhJiCQ/whitelist-ips/Hjbkcd7PUjTQRtQZCB7Vgw?ver=14.0.0",
      "ipMask": "255.255.255.255",
      "id": "Hjbkcd7PUjTQRtQZCB7Vgw",      <<<<< Unique ID also listed in the selfLink
      "trustedByPolicyBuilder": false
    },
    {
      "ignoreIpReputation": false,
      "blockRequests": "policy-default",
      "ignoreAnomalies": false,
      "neverLogRequests": false,
      "ipAddress": "2.2.0.0",
      "lastUpdateMicros": 1543340632000000,
      "description": "",
      "kind": "tm:asm:policies:whitelist-ips:whitelist-ipstate",
      "neverLearnRequests": false,
      "selfLink": "https://localhost/mgmt/tm/asm/policies/iI4FhL_muTcQH4SsZhJiCQ/whitelist-ips/RExCakuQmhr88Mn5wTCHng?ver=14.0.0",
      "ipMask": "255.255.0.0",
      "id": "RExCakuQmhr88Mn5wTCHng",      <<<<< Unique ID also listed in the selfLink
      "trustedByPolicyBuilder": false
    }
  ]
}

Now using the "id" as the second unique value to change the settings, changing the "2.2.0.0" ip setting using the "RExCakuQmhr88Mn5wTCHng" id value:

$ curl -sku admin:admin https://${BIGIP_MGMT}/mgmt/tm/asm/policies/iI4FhL_muTcQH4SsZhJiCQ/whitelist-ips/RExCakuQmhr88Mn5wTCHng  -X PATCH -d '{"blockRequests": "never"}'| jq .
{
  "ignoreIpReputation": false,
  "blockRequests": "never",
  "ignoreAnomalies": false,
  "neverLogRequests": false,
  "ipAddress": "2.2.0.0",
  "lastUpdateMicros": 1543340803000000,
  "description": "",
  "kind": "tm:asm:policies:whitelist-ips:whitelist-ipstate",
  "neverLearnRequests": false,
  "selfLink": "https://localhost/mgmt/tm/asm/policies/iI4FhL_muTcQH4SsZhJiCQ/whitelist-ips/RExCakuQmhr88Mn5wTCHng?ver=14.0.0",
  "ipMask": "255.255.0.0",
  "id": "RExCakuQmhr88Mn5wTCHng",
  "trustedByPolicyBuilder": false
}

Please let me know if this addresses the question you have.

0
Comment made 1 month ago by Wackitron 75

Thanks @suttonsc, sorry for such a dumb question.

0