YossiV
Jul 13, 2016

iRule for Data group List to Block specific cookie

Hi. I am wondering if there is any option to create a data group (string type) and assign it to an iRule which will block the request (for example, response 403) based on the cookie that the client comes with. Example: a client is trying to log in to the back office system with a username and password. In the cookie I can see his login name. I want to block specific login names. Since I have more than 200 login names to block, I thought to create a data group that will contain the login names I want to block, and to create an iRule which will block the client request based on the cookie.

 

This is an example of a basic login request to the system.

 

1 Reply

  • I am far from a programmer and iRule expert, but this is basically what you need to do.

    Use the event handler when HTTP_REQUEST to capture the header containing the cookie and store it in a variable. Log it or not, and then compare it to the string data-group and take an action.

    So here is something that you can work off of. You need to pre-configure a pool and a string-based data-group. The syntax might be off as I quickly threw it together, but you should be able to work off of this and get it going.

    when CLIENT_ACCEPTED {
        log local0. "[IP::client_addr]: HTTP Client Connected"
    }
    when HTTP_REQUEST {
        # Store the raw Cookie header in a variable
        set Found_Cookie [HTTP::header value Cookie]
        # Your choice to log this or not
        log local0. "Detected Cookie as $Found_Cookie"
        # Compare the header against the string data-group
        if { [class match $Found_Cookie contains Cookie_String_Data_Group] } {
            log local0. "Cookie matches data-group and this connection will be rejected"
            reject
        } else {
            log local0. "Cookie does not match the reject list. Allowing connection"
            pool XYZ
        }
    }
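
An added example, not part of the reply above: a variant that reads one named cookie, matches it exactly against the data group, and returns the 403 the question asks for. The cookie name `login_name` is a hypothetical placeholder (the thread does not show the real name); `Cookie_String_Data_Group` and pool `XYZ` are the names used in the reply, and the data group is assumed to hold one lower-case login name per record.

```tcl
# Added example (not from the thread).
# Assumptions: the login name travels in a cookie called "login_name"
# (hypothetical placeholder), and Cookie_String_Data_Group holds one
# lower-case login name per record.
when HTTP_REQUEST {
    # Read only the cookie that carries the login name,
    # not the whole Cookie header.
    if { [HTTP::cookie exists "login_name"] } {
        # Normalise case so "Admin" and "admin" hit the same record.
        set login [string tolower [HTTP::cookie value "login_name"]]

        # "equals" blocks only exact entries. "contains" on the full
        # header would also fire when a blocked name such as "ann"
        # appears inside "joanna" or inside an unrelated cookie value.
        if { [class match -- $login equals Cookie_String_Data_Group] } {
            # Log the source address only; the cookie value is
            # client-supplied and is kept out of the log line.
            log local0. "Blocked login cookie from [IP::client_addr]"
            HTTP::respond 403 content "Forbidden" "Content-Type" "text/plain"
            return
        }
    }
    # No blocked login name found: forward to the pre-configured pool.
    pool XYZ
}
```

The cookie is sent by the client and can be removed or altered, so the back office system still has to refuse these logins itself; the iRule only filters requests that present a listed name.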