Forum Discussion

muzammil_88686
Nov 12, 2012

Blocking Multiple URLs

Guys,

I want to block the below two URLs using an iRule, and I also want to log the dropped connections for both URLs.

/xyz*

/abc

Could you please let me know what the iRule is?


16 Replies

  • Still I'm getting the below errors.

    line 2: [wrong args] [switch -glob [string tolower [HTTP::path]] ]
    line 3: [undefined procedure: /xyz/bus*] ["/xyz/bus*" -]
    line 4: [undefined procedure: /xyz/car*] ["/xyz/car*" { return }]
    line 6: [undefined procedure: /xyz*] ["/xyz*" -]
    line 7: [undefined procedure: /123*] ["/123*" {
  • Sorry, missing some brackets that time, this should be perfect now!

    when HTTP_REQUEST {
        switch -glob [string tolower [HTTP::path]] {
            "/xyz/bus*" -
            "/xyz/car*" {
                # Exit the rule
                return
            }
            "/xyz*" -
            "/123*" {
                drop
                log local0. "Dropped access attempt to [HTTP::uri] from client [IP::client_addr]"
            }
        }
    }
    
  • Dear Steve,

    Actually I'm trying the below rule, which is suggested by you, as I need to send it to a specific pool.

    when HTTP_REQUEST {
    if { switch -glob [string tolower [HTTP::path]] } {
    "/xyz/bus*" -
    "/xyz/car*" {
    return
    } }
    # Exit the rule
    elseif { switch -glob [string tolower [HTTP::path]] } {
    "/xyz*" -
    "/123*" {
    drop
    log local0. "Dropped access attempt to [HTTP::uri] from client [IP::client_addr]"
    } }
    }

    But I'm getting the below errors.

    line 2: [parse error: PARSE syntax 34 {syntax error in expression " switch -glob [string tolower [HTTP::path]] ": variable references require preceding $}] [{ switch -glob [string tolower [HTTP::path]] }]
    line 3: [undefined procedure: /xyz/bus*] ["/xyz/bus*" -]
    line 4: [undefined procedure: /xyz/car*] ["/xyz/car*" {
    line 8: [undefined procedure: elseif] [elseif { switch -glob [string tolower [HTTP::path]] } {
  • Hmmm, think it's the brackets again, try this;

    
    when HTTP_REQUEST {
    if { switch -glob [string tolower [HTTP::path]] } {
    "/xyz/bus*" -
    "/xyz/car*" {
    return
    }
    }
    # Exit the rule
    elseif { switch -glob [string tolower [HTTP::path]] } {
    "/xyz*" -
    "/123*" {
    drop
    log local0. "Dropped access attempt to [HTTP::uri] from client [IP::client_addr]"
    return
    }
    }
    }
    
  • hoolio
    I think this might be what you're trying to do:

    when HTTP_REQUEST {
        switch -glob [string tolower [HTTP::path]] {
            "/xyz/bus*" -
            "/xyz/car*" {
                # Exit the rule
                return
            }
            "/xyz*" -
            "/123*" {
                drop
                log local0. "Dropped access attempt to [HTTP::uri] from client [IP::client_addr]"
                return
            }
        }
    }

    The first matches on /xyz/bus* and /xyz/car* will be checked first. All other /xyz* URIs which don't match the first switch cases will be dropped.

    Aaron
  • hoolio
    And keep in mind that these URI checks could potentially be bypassed with path traversal and/or URI encoding:

    https://devcentral.f5.com/Community/GroupDetails/tabid/1082223/asg/50/aft/30900/showtab/groupforums/Default.aspx31324

    Aaron
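
Added example, not part of the original thread and not F5 code: a Python model of the thread's first-match glob switch, used to compare matching on the raw path with matching on a canonical path (percent-decoded until stable, then `//`, `.` and `..` resolved). The function names, the decode-round limit and the sample paths are assumptions made for this illustration.

```python
from fnmatch import fnmatchcase
from posixpath import normpath
from urllib.parse import unquote

# Patterns from the thread's switch, in the same first-match order.
RULES = [("/xyz/bus*", "allow"), ("/xyz/car*", "allow"),
         ("/xyz*", "drop"), ("/123*", "drop")]

def switch_glob(path):
    """Model of `switch -glob [string tolower <path>]`: first match wins."""
    lowered = path.lower()
    for pattern, action in RULES:
        if fnmatchcase(lowered, pattern):
            return action
    return "allow"  # no case matched, request carries on to the pool

def canonicalize(path, max_rounds=5):
    """Percent-decode until stable, then resolve '//', '.' and '..'."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    else:
        return None  # still changing after max_rounds: refuse to guess
    # normpath keeps a leading '//', so collapse leading slashes first.
    return normpath("/" + path.lstrip("/"))

def decide(raw_path):
    """Match on the canonical path; drop anything that will not settle."""
    canonical = canonicalize(raw_path)
    return "drop" if canonical is None else switch_glob(canonical)

# Constructed request paths (not taken from the thread).
SAMPLES = ["/xyz/bus/timetable", "/xyz/admin", "/%78yz/admin",
           "/%2578yz/admin", "/xyz/bus/../admin", "//xyz/admin"]

if __name__ == "__main__":
    for p in SAMPLES:
        print(f"{p:22} raw={switch_glob(p):5} canonical={decide(p)}")
```

The canonical form only protects the pool if it matches how the pool members themselves resolve a path, so compare it against the backend's behaviour before relying on it.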