Forum Discussion

ipman_1988_5418

Nimbostratus

Aug 08, 2017

Apply AFM policy dynamically via iRule

Is there a way to apply an AFM policy dynamically via an irule based on source country? I used to have an irule that did this using data-group list now we use AFM on the any/any forwarder but we've f...

Cumulonimbus

Aug 09, 2017

Hi,

This Irule will work for ltm with dns profile. You may be able to enable on arm rule.

when DNS_REQUEST {
   switch [DNS::question type] {       
       "MX" - "SOA" - "NS" {           
           return           
       }           
       default {
           DNS::header rcode NOERROR
           DNS::return 
   }   
}

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Apply AFM policy dynamically via iRule

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

How to configure ssh access by key on F5OS

F5 BIG-IP DNS/Audit Logs — Structured Format for SIEM Ingestion

Bot Defense causing a lot of false positives

Recommendation for Adv. Lab

iRules for recreation: HTTP Protocol Parser implemented using BIG-IP iRule(unfinished)

Related Content

Fine-Tuning F5 NGINX WAF Policy with Policy Lifecycle Manager and Security Dashboard

LTM Policy

JA4 Part 2: Detecting and Mitigating Based on Dynamic JA4 Reputation

iControl REST Cookbook - LTM policy (ltm policy)

Can SIP protocol be applied to WAF Policy?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS