Forum Discussion

Cirrocumulus

Apr 24, 2024

Can iRule be used to perform exception of IPI category based on Geolocation

Hi Everyone, Can we configure iRule to perform exception on certain IPI category like "Spam Sources" based on Geolocation. For instance, I want to bypass the mitigation enforced on "Spam Sour...

security

spalande

Nacreous

May 02, 2024

My bad. Else condition is rejecting all traffic. Try below and I would suggest try on non-prod VIP first.

when HTTP_REQUEST { 
    set ip_reputation_categories [IP::reputation [IP::client_addr]]
    if {([$ip_reputation_categories contains "Spam Sources"]) and (!([[whereis [IP::client_addr] country] equals "NP"]))} {
	log local0. "IP from spam sources block: [IP::client_addr]"
	drop
	} else {
	#DO NOTHING
	}
  }

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)