Forum Discussion

Nimbostratus

Nov 01, 2008

ASM custom blocking response & iRules

I am trying to write an iRule to do search and replace logic on the body of a custom blocking response.

When I add headers to the custom blocking response within ASM I do not see them when logging the headers within a "when HTTP_RESPONSE" iRule.

Can this be done, or is the ASM blocking response mechanism disconnected from iRules present on the VIP?

I am running 9.4.3.

app sec

BIG-IP Access Policy Manager (APM)

security

11 Replies

Torti

Cirrus

Oct 28, 2011

Hi,

i try to redirect to the default entrypoint of an URL, if a client goes a wrong way.

But i get the message http_process_state_prepend - Invalid action EV_SINK_HEADER during ST_HTTP_PREPEND_HEADERS like Brad before.

What Im doing wrong?

Thx


when ASM_REQUEST_BLOCKING {
 log local0.alert "www.HOST.de ASM Request Blocking event"

 get violation informations
set x [ASM::violation_data]

 log local0.alert "www.HOST.de ASM Request Blockng event"

if {([lindex $x 0] contains "VIOLATION_OBJ_DOESNT_EXIST")} {
log local0. "www.HOST.de --> Blocking VIOLATION_OBJ_DOESNT_EXIST (illegal URL), uri=$uri"

 HTTP::respond 302 "Location" http://www.HOST.de Cache-Control No-Cache Pragma No-Cache
}

}

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)