Forum Discussion

Altostratus

Dec 11, 2018

Block specific URI

I am trying to block a URI using iRule. I want to block only the URI listed on my uri-notallowed_data_group which do not match the network_allowed_data_group I created two data groups uri-...

application delivery

LTM

gscholz_370150

Nimbostratus

Dec 11, 2018

For simplicity I tested your iRule without the IP address check, and in my environment on v13.1.1.2 it works fine. I logged not only the URI, but also how it got converted.

This is the iRule:

when HTTP_REQUEST {
    if {[class match [string tolower [HTTP::uri]] equals uri-notallowed_data_group]} {
        log local0. "Rejected Connection [HTTP::uri], converted [string tolower [HTTP::uri]]"
        reject
    }
}

And this is the outcome in /var/log/ltm:

Dec 11 17:54:57 f5-c info tmm3[11373]: Rule /Common/irule_uriblock : Rejected Connection /ABC/login?returnurl=/abc, converted /abc/login?returnurl=/abc

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)