Adrien_Legros_1
Jun 05, 2009

Disabling ASM for clients coming from an internal network

We have a virtual server for a web application and we'd like to test the ASM only for the internal people. So I created 2 pools, one for the external users and one for the internal users. The ASM should only verify incoming requests from the internal network.

How can I (via an iRule?) disable the ASM when I see external requests and enable it when I receive internal requests?

Thanks.

3 Replies

  • Benjamin_9036
    Historic F5 Account
    Hey Adrien,

    This depends, at least partially, on what version you are using. The methods to disable the ASM within iRules have changed a few times. If the internal and external clients will be from different networks, it should be fairly simple to define an iRule to do this. This has come up a time or two before, in fact. Have a look at the solutions we talked about in this post:

    http://devcentral.f5.com/Default.aspx?tabid=53&forumid=47&postid=34111&view=topic

    The best solution is probably a hybrid of these rules. This, to filter based on client IP address:

    http://devcentral.f5.com/wiki/default.aspx/iRules/AccessControlBasedOnIP.html

    Then this to bypass ASM:

    https://support.f5.com/kb/en-us/solutions/public/7000/600/sol7616.html

    Cheers!

    // Ben
  • There's been yet another change in how to disable ASM in v10.0.1 (covered in SOL10128, but not in SOL7616). Apparently there isn't a supported method for doing this at all in 10.0.0. See SOL10128 for details.

    SOL10128: The PLUGIN iRule commands do not function in BIG-IP version 10.0.0

    https://support.f5.com/kb/en-us/solutions/public/10000/100/sol10128.html

    It would be ideal if the PLUGIN::, ASM:: and WAM:: commands could be documented in the Wiki at some point (nudge, nudge).

    Aaron
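
The approach the replies describe (classify on client IP, then bypass ASM), written out as an added example that is not from the thread or from the F5 solution articles. It assumes BIG-IP v10.0.1 or later with the `PLUGIN::disable ASM` command, ASM enabled on an HTTP class attached to the virtual server, and placeholder values for the internal network (`10.0.0.0/8`) and the pool names (`pool_internal`, `pool_external`).

```tcl
# Added example (not from the thread). Placeholders: 10.0.0.0/8,
# pool_internal, pool_external. Assumes v10.0.1+ and an ASM-enabled
# HTTP class on the virtual server.
when HTTP_REQUEST {
    # Classify on the source address of the TCP connection, not on a
    # client-supplied header such as X-Forwarded-For.
    if { [IP::addr [IP::client_addr] equals 10.0.0.0/8] } {
        set is_internal 1
        pool pool_internal
    } else {
        set is_internal 0
        pool pool_external
    }
}

when HTTP_CLASS_SELECTED {
    # ASM stays on by default; it is bypassed only for connections
    # classified as external in HTTP_REQUEST.
    if { !$is_internal } {
        PLUGIN::disable ASM
    }
}
```

`IP::client_addr` is the peer address BIG-IP sees, so clients arriving through a NAT or upstream proxy are classified by that device's address.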