MSM iRule Customization

Question

Has anyone worked with MSM (Message Security Module)? We seem to be at the mercy of the "Trusted Source" database and would like to whitelist a group of IP addresses for our customers that "Secure Computing" currently catagorizes as Malicious. 
&nbsp;  
&nbsp; Is there any way to alter the MSM iRule to allow for a customizable whitelist of IPs that we consider to be safe, regardless of what Trusted Source reports?

nicolas_menant · Answer

Hi,   
    
  I wouldn't recommend to modify the iRule provided with MSM or you will lose support on it.   
    
  Instead i would recommend to configure a new iRule that will be triggered before and do your checking.   
    
  Here is an example to handle a white list and a black list:

when CLIENT_ACCEPTED {  
    if { [matchclass [IP::client_addr] equals $::white_list] } {  
    log local0. "client: [IP::client_addr] found in white_list directed to http_test_pool"  
  pool http_test_pool  
  event disable all  
    }  
    elseif { [matchclass [IP::client_addr] equals $::black_list] } {  
      log local0. " client: [IP::client_addr] found in black_list directed to http_test_pool_2"  
  pool http_test_pool_2   
              or discard  
  event disable all  
    }  
  }

You just need to specify this iRule in your VS before the MSM one  
    
  HTH

Forum Discussion

MSM iRule Customization

1 Reply

Recent Discussions

ASM - Parent policy vs OWASPcompliance

Rewrite uri translation not working

CONNECTION IS LOST DUE TO SELF IP IS DELIVERED

APM OCSP Responder Issues

no available managed rule groups for Israel il-central-1

Related Content

MSM Bypass

custom response page for api

SSL Orchestrator Advanced Use Cases: Custom Blocking Pages

Customizing APM end user login page with APM Advanced Customization Templates

iRule Interference: Custom Closes and Responses