Forum Discussion

Adrien_Legros_1's avatar
Adrien_Legros_1
Icon for Altostratus rankAltostratus
Aug 04, 2009

Disable ASM module within Irule

Hello, we currently use BigIp LTM version 10.0.1 with the ASM module.

 

We have installed this version to use the ASM::disable command that was unavailable in version 10.0

 

 

We want to disable ASM for request from external users but when I perform some tests, I can see that the ASM is still intercepting the requests. Here is the Irule:

 

 

when HTTP_REQUEST {

 

set debug 1

 

if {not [matchclass [IP::client_addr] starts_with $::internalCl]} {

 

if {$debug}{log local0. "External client [IP::client_addr] DIRECT"}

 

ASM::disable

 

pool pool_unprotected

 

 

} else {

 

Internal request [HTTP::uri] via ASM

 

log local0. "Internal request from [IP::client_addr] to ASM -> [HTTP::uri]"

 

....

 

}

 

 

I have no errors in the logs, I can see that it is an external IP but ASM is stille intercepting the requests...

 

 

the internal part with the ASM works perfectly.

 

It also works with the command "event disable all" in place of ASM::disable but the full Irule is disable which is what I don't want.

 

 

Thanks for your help.
application delivery
dev
devops
iRules

4 Replies

Sort By
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Aug 04, 2009
    Do you see the External client DIRECT log being triggered? I think you should be using the class commands (Click here) in v10, not matchclass.

     

     

    Aaron
  • Adrien_Legros_1's avatar
    Adrien_Legros_1
    Icon for Altostratus rankAltostratus
    Aug 04, 2009
    Yes the external client is triggered and I go to the correct pool. But when I try to enter bad caracters in a field, I can see that the ASM is intercepting the request.
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Aug 04, 2009
    Ah, I think you need to change the event to HTTP_CLASS_SELECTED.

     

     

    Aaron