For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

computerli's avatar
computerli
Icon for Altostratus rankAltostratus
Dec 11, 2018

Block specific URI

I am trying to block a URI using iRule. I want to block only the URI listed on my uri-notallowed_data_group which do not match the network_allowed_data_group   I created two data groups   uri-...
application delivery
LTM
gscholz_370150's avatar
gscholz_370150
Icon for Nimbostratus rankNimbostratus
Dec 11, 2018

For simplicity I tested your iRule without the IP address check, and in my environment on v13.1.1.2 it works fine. I logged not only the URI, but also how it got converted.

This is the iRule:

when HTTP_REQUEST {
    if {[class match [string tolower [HTTP::uri]] equals uri-notallowed_data_group]} {
        log local0. "Rejected Connection [HTTP::uri], converted [string tolower [HTTP::uri]]"
        reject
    }
}

And this is the outcome in /var/log/ltm:

Dec 11 17:54:57 f5-c info tmm3[11373]: Rule /Common/irule_uriblock : Rejected Connection /ABC/login?returnurl=/abc, converted /abc/login?returnurl=/abc