For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

JustCooLpOOLe's avatar
JustCooLpOOLe
Icon for Cirrocumulus rankCirrocumulus
Nov 13, 2017

Disable ASM within Existing iRule

Current iRule:

 

when HTTP_REQUEST { set uri [string tolower [HTTP::uri]]

 

switch -glob $uri { "/test" { pool TEST_POOL } "/test1" { pool TEST2_POOL } default { pool MY_POOL } } }

 

Is it possible to throw in "ASM::disable" for the "/test1*" condition to this existing iRule? I'm running version 12.1.2 HF1.

 

application delivery
iRules
LTM
security

2 Replies

  • JustCooLpOOLe's avatar
    JustCooLpOOLe
    Icon for Cirrocumulus rankCirrocumulus
    Nov 13, 2017

    Update. I was able to add "ASM::disable" for the test1 condition and the developer has verified the request is no longer being blocked.

     

  • Stanislas_Piro2's avatar
    Stanislas_Piro2
    Icon for Cumulonimbus rankCumulonimbus
    Nov 13, 2017

    ASM policies are enabled in LTM with a LTM policy.

    why are you trying to disable ASM within an irule instead of LTM policy?

    In the LTM policy, add a rule above the existing rule with condition :

    HTTP Uri path starts with /test1

    and with action 

    disable ASM