For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Lewis_165664's avatar
Lewis_165664
Icon for Nimbostratus rankNimbostratus
Apr 19, 2016

Configuration of request adapt for ICAP AV scanning

Hi there.

 

I'm working on an implementation of request adaptation to an ICAP server, pretty much as per this design - https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-implementations-11-4-0/12.html

 

What I've found is that the VS will stream all HTTP traffic to the internal virtual server.

 

I'm trying to work out a way to only send POSTs to a single URL to the ICAP server. There is no way to do this via the request adapt profile, so I'm thinking either an iRule which turns on adapt enable for a given URL, or an LTM policy to action on said URL and forward to the internal virtual server.

 

Any suggestions appreciated :)

 

application delivery
iRules
LTM

7 Replies

  • Yann_Desmarest_'s avatar
    Yann_Desmarest_
    Icon for Nacreous rankNacreous
    Apr 19, 2016

    Hello,

    You can add an irule similar to this one :

    when HTTP_REQUEST {
 if {[HTTP::method] equals "POST" and [HTTP::header Content-Length] < 10000000 } {
    ADAPT::enable true
 } else {
    ADAPT::enable false
 }
}

    Thus, you can force ICAP when the request is a POST and the body doesn't exceed a certain size

    • davidfisher's avatar
      davidfisher
      Icon for Cirrus rankCirrus
      Jul 21, 2018

      The content you have mentioned would be in bits, right?

       

  • Yann_Desmarest's avatar
    Yann_Desmarest
    Icon for Cirrus rankCirrus
    Apr 19, 2016

    Hello,

    You can add an irule similar to this one :

    when HTTP_REQUEST {
 if {[HTTP::method] equals "POST" and [HTTP::header Content-Length] < 10000000 } {
    ADAPT::enable true
 } else {
    ADAPT::enable false
 }
}

    Thus, you can force ICAP when the request is a POST and the body doesn't exceed a certain size

  • Lewis_165664's avatar
    Lewis_165664
    Icon for Nimbostratus rankNimbostratus
    May 17, 2016

    Excellent, many thanks. I got it working exactly as needed as per below 

    
when HTTP_REQUEST { 
 if {[HTTP::method] equals "POST" and [HTTP::path] equals "/path/to/uri/location.aspx" } {
    ADAPT::enable true
 } else {
    ADAPT::enable false
 }
}
    • Stanislas_Piro2's avatar
      Stanislas_Piro2
      Icon for Cumulonimbus rankCumulonimbus
      Nov 03, 2017

      Hi,

       

      ASM have the ICAP feature to include ICAP within security policy. But you can also filter upload with LTM using ICAP profile.