Forum Discussion

ipman_1988_5418

Nimbostratus

Aug 08, 2017

Apply AFM policy dynamically via iRule

Is there a way to apply an AFM policy dynamically via an irule based on source country? I used to have an irule that did this using data-group list now we use AFM on the any/any forwarder but we've f...

Cumulonimbus

Aug 10, 2017

Hi,

This Irule will work for ltm with dns profile. You may be able to enable on arm rule.

when DNS_REQUEST {
   switch [DNS::question type] {       
       "MX" - "SOA" - "NS" {           
           return           
       }           
       default {
           DNS::header rcode NOERROR
           DNS::return 
   }   
}

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Apply AFM policy dynamically via iRule

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

LTM Policy

Can SIP protocol be applied to WAF Policy?

JA4 Part 2: Detecting and Mitigating Based on Dynamic JA4 Reputation

iControl REST Cookbook - LTM policy (ltm policy)

Apply a Policy to an SNAT list

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS