Can iRule do Content filtering?

Question

Now there're some products for DPI (Deep Packet Inspection). What they do is to checking L7 information to filtering content based on some rules.  
&nbsp;  
&nbsp; iRule can do a lot jobs, L4 to L7. I want to know if iRule can also finish the job of DPI. Can iRule checking the L7 information to control the user access?  
&nbsp;  
&nbsp; For example, when user request some page from www.abc.com, can iRule block it?  
&nbsp; Or, when some page contains some words which fit the filtering list, the page will be blocked, can iRule do it?  
&nbsp;  
&nbsp; Here I just want to know if iRule can do it, not talking about the performance impact  to BIGIP of doing this kind of inspection.  
&nbsp;  
&nbsp; Anybody any idea?  
&nbsp;  
&nbsp; Thanks

hooleylist · Answer

Hi, 
&nbsp;  
&nbsp; You can do fairly comprehensive layer 7 inspection of HTTP headers and payloads in requests and responses using iRules.  You could check the Referer header to see what the client reports as being the previous URL.  You could parse strings from the request headers or body and check them against a blacklist. There are a few examples of Referer checking in the iRules Codeshare (Click here).  If you search the forums for blacklist, you can also find a few example iRules. 
&nbsp;  
&nbsp; If you have more specific scenarios of what you'd potentially want to implement, we can give you more detailed feedback. 
&nbsp;  
&nbsp; Aaron

hellhammer_3588 · Answer

thanks

Forum Discussion

Can iRule do Content filtering?

2 Replies

Recent Discussions

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

SMS server with BIGIP

F5 terminal - help to run commands - disk space full

Related Content

Custom error page iRule with IP address filtering

WAF - URL advance option - header based content profiles

Filter to allow certain URL/URI

iRULE regsub error

owa iapp assign irule