Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

iRule needs updating from HTTP_CLASS for 11.4.x

All, I was hoping someone could help me with the ASM iRule. I need the HTTP_CLASS removed as that option cannot be used on 11.4.x. I would appreciate any help in the right direction.

ltm rule block_webbots2 {
    when HTTP_REQUEST {
   set abort_trans 0
   # Check the UA header value, set to lower case
   switch -glob [string tolower [HTTP::header User-Agent]] {
      "_googlebot_" -
      "_msnbot<em>" -
      "_yahoo</em>" {
         # Bad UA, send a TCP reset
         set abort_trans 1
      }
   }
}
when HTTP_CLASS_SELECTED {
   if {[HTTP::class asm]==1}{
      if {$abort_trans==1}{
         ASM::disable
         reject
      }
   }

else
   {
      if {$abort_trans==1}{
         reject
      }
   }
}
}
0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

[POLICY::controls asm] in the HTTP_REQUEST event will tell you if asm is enabled, but I'm curious why if both conditions of if/else is to reject the request if abort_trans is 1 it matters? Can't you just reject it in the HTTP_REQUEST event without a policy check?

0