JpMaxMan_46849
Sep 11, 2007

Anti-SQL Injection

Hi, I am new to iRules. I am trying to implement the anti-SQL injection iRule that was an honorable mention in the 2006 iRule contest:

http://devcentral.f5.com/Default.aspx?tabid=110

I guess my issue is with the data classes. I tried to paste the entire iRule, but it didn't like that. So, I went in and set up a sql_injections Data Group of type "string" and put the various values in there. I then put the iRule part in the iRule. I applied it. There are no errors being thrown, but it doesn't seem to filter out the problem requests (in my testing).

Incidentally, I'm just using the web interface, not the iRules editor - which I saw mentioned.

Here is the iRule as written in the honorable mention page:

Data Classes

    bigpipe class sql_injections {
        "?password=password"
        "insert"
        "password&username"
        "select"
        "union"
        "where"
    }

iRule

By Scott Melnick

    when HTTP_REQUEST {
        if { [matchclass [URI::decode [string tolower [HTTP::uri]]] contains $::sql_injections ] } {
            log local0. "HTTP SQL Injection attempt"
            drop
        }
    }
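A logging variant of the rule above, for checking what the data group actually contains and which entry a test request matches. It is an added example, not part of the original post or the contest entry, and it assumes the data group is named sql_injections and is readable as $::sql_injections, as in the posted rule.

```tcl
# Added diagnostic example; not the contest entry. Assumes the data group is
# named sql_injections, as in the post, and is readable as $::sql_injections.
when HTTP_REQUEST {
    # Same normalisation as the posted rule: lowercase, then URL-decode.
    set uri [URI::decode [string tolower [HTTP::uri]]]

    # Confirm the rule can see the data group and how many entries it holds.
    log local0. "sql_injections has [llength $::sql_injections] entries; checking uri=\[$uri\]"

    # Walk the entries and report which one, if any, is a substring of the URI.
    # string first is a literal search, so "?" in an entry is not a wildcard.
    set hit ""
    foreach entry $::sql_injections {
        # Brackets in the log make stray quotes or whitespace in an entry visible.
        log local0. "entry=\[$entry\]"
        if { [string first $entry $uri] >= 0 } {
            set hit $entry
            break
        }
    }

    if { $hit ne "" } {
        log local0. "HTTP SQL Injection attempt from [IP::client_addr]: matched \[$hit\]"
        drop
    } else {
        log local0. "no sql_injections entry matched"
    }
}
```

The per-entry logging is noisy, so this belongs on a test virtual server only. The messages appear in /var/log/ltm.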