Forum Discussion

Ian_Smith's avatar
Ian_Smith
Ret. Employee
Jul 31, 2008

matchclass error message

I'm using 9.4.5 build 1049.10 and trying to get a lookup against a data group that contains md5 hashes of full paths to web destinations, but I need some help understanding what the error I'm seeing means.

Here is the class and the rule:

 
 class hashbl { 
    "917c33c037b3b699521d9b10c0260cd9" 
    "fd3d307363655c14f49102a582bc2950" 
 } 
  
 when HTTP_REQUEST { 
 set string [string tolower [HTTP::host]][string tolower [HTTP::uri]]  
 log local0. "$string" 
 binary scan [ md5 $string ] H* hexhash 
 log local0. "$hexhash" 
 if { [matchclass $hexhash equals $::hashbl ] }  { 
  
 } 
 else { 
  
 } 
 } 
 

when I apply the rule to the virtual and test it, I get the following error in the logs:

 
 Jul 31 13:51:00 tmm tmm[1775]: Rule blacklist-hash-uribl : slashdot.org/ 
 Jul 31 13:51:00 tmm tmm[1775]: Rule blacklist-hash-uribl : fd3d307363655c14f49102a582bc2950 
 Jul 31 13:51:00 tmm tmm[1775]: 01220001:3: TCL error: blacklist-hash-uribl  - Invalid matchclass operands - no class or list type found, lhs: fd3d307363655c14f49102a582bc2950, rhs: {917c33c037b3b699521d9b10c0260cd9} {fd3d307363655c14f49102a582bc2950} (line 5)     invoked from within "matchclass "$hexhash" equals $::hashbl " 
  
  
 

1 Reply

  • I found my bonehead error - SOL1020 lists reserved words that can't be used in bigip configs... and "hash" is one of them, so my class named hashbl wasn't recognized as a class; once I changed the class name everything worked fine.