Irule, Datagroup to whitelist certain ip addresses?

Question

We have several customer that are being scanned (PCI, Penetration Tests etc.) and when that happens we have to whitelist a huge amount of ip addresses on our ASM&nbsp;
Is there a way to whitelist these ip addresses through datagroups, so that ASM will not block?&nbsp;
Best Regards
Brian&nbsp;

youssef1 · Answer

Hi,
create your dg then use this irule:
when HTTP_REQUEST {
    if {[matchclass [IP::client_addr] equals bypass_asm_class]}{
         whitelist IP      
        ASM::disable
        return
    } else {
        do nothing
    }
}

Regards

Forum Discussion

Irule, Datagroup to whitelist certain ip addresses?

1 Reply

Recent Discussions

Import PKCS 12 SSL to Device Certificate via API/Script or CLI on BIG-IP

Help with URL Masking

F5 iRule to replace host to path

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5 Rseries R2600 Tenant sizing

Related Content

CSV to Address External Datagroup File

Help me! About datagroup

Global Blacklist or Whitelist

Modifying multiple entries in a datagroup via api?

Decoding the IPv4 address from the persistence cookie