For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

hellhammer_3588's avatar
hellhammer_3588
Icon for Nimbostratus rankNimbostratus
Sep 15, 2009

Can iRule do Content filtering?

Now there're some products for DPI (Deep Packet Inspection). What they do is to checking L7 information to filtering content based on some rules.

 

 

iRule can do a lot jobs, L4 to L7. I want to know if iRule can also finish the job of DPI. Can iRule checking the L7 information to control the user access?

 

 

For example, when user request some page from www.abc.com, can iRule block it?

 

Or, when some page contains some words which fit the filtering list, the page will be blocked, can iRule do it?

 

 

Here I just want to know if iRule can do it, not talking about the performance impact to BIGIP of doing this kind of inspection.

 

 

Anybody any idea?

 

 

Thanks
application delivery
dev
devops
iRules

2 Replies

  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Sep 15, 2009
    Hi,

     

     

    You can do fairly comprehensive layer 7 inspection of HTTP headers and payloads in requests and responses using iRules. You could check the Referer header to see what the client reports as being the previous URL. You could parse strings from the request headers or body and check them against a blacklist. There are a few examples of Referer checking in the iRules Codeshare (Click here). If you search the forums for blacklist, you can also find a few example iRules.

     

     

    If you have more specific scenarios of what you'd potentially want to implement, we can give you more detailed feedback.

     

     

    Aaron