For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Richard__Harlan's avatar
Richard__Harlan
Historic F5 Account
Nov 02, 2006

external calss

We are in the process from moving from a stander data class to a external class but for the life of me every time I try to load the file I get 01070626:3: The IP class external file (/config/spamlist2) has an invalid format. is there a doc that shows the external class format so we can find out what we are doing wrong. Thanks Blow is a snip of the external class

 

 

89.52.100.126 / 255.255.255.255

 

89.52.84.12 / 255.255.255.255

 

89.82.255.36 / 255.255.255.255

 

89.86.165.5 / 255.255.255.255

 

89.98.89.20 / 255.255.255.255
application delivery
dev
devops
iRules

7 Replies

  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Nov 02, 2006
    You should be able to just separate the fields with spaces and then reference the class from a rule.

     

     

    Aaron
  • Richard__Harlan's avatar
    Richard__Harlan
    Historic F5 Account
    Nov 02, 2006
    No the rule class combo causes the tmm system to core. The rule we are useing is below

     

     

    when CLIENT_ACCEPTED {

     

    if { ([matchclass [IP::client_addr] equals $::spammers-list])} {

     

    log "[IP::client_addr] was dropped as a known spammer"

     

    drop }

     

    }

     

     

    Running the rule causes the tmm to core
  • Colin_Walker_12's avatar
    Colin_Walker_12
    Historic F5 Account
    Nov 02, 2006
    If those are all single IP addresses, then you should be able to remove the second half of each line completely, and just build a class list of IP addresses individually. That shouldn't cause any problems with the iRule posted above.

     

     

    Colin
  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Nov 02, 2006
    Here is a bit more info:

    'b class help' info:

    External classes

    You can store class list information outside the bigip.conf file.

    b class extern {

    }

    The parameter can be one of "filename", "type", or "mode".

    The parameter depends on which property is being assigned.

    Valid values for "type" are "string", "value", or "ip". Valid values

    for "mode" are "read" and "rw". The ip values can be in "network

    mask " or "host " format.

    The following is an example of an external class configuration.

    b class ipvals extern {

    filename /home/ip2.class

    type ip

    mode rw

    }

    Here is an example...

    From the bigip.conf:

    
class spammers_list extern {
   type ip
   filename "/var/class/external_class"
}

    
rule external_class_rule {
   when CLIENT_ACCEPTED {
      if { ([matchclass [IP::client_addr] equals $::spammers_list])} {
         log "[IP::client_addr] matched"
      }
   }
}

    cat /var/class/external_class

    host 172.29.0.10,

    network 10.0.0.0 mask 255.0.0.0,

    Hope this helps,

    Aaron
  • Richard__Harlan's avatar
    Richard__Harlan
    Historic F5 Account
    Nov 03, 2006
    Found out what the problem was in the data class we had a space between the path and the filename. The GUI let it go but the system blew up when the iRule ran
  • G__Wesley_Rober's avatar
    G__Wesley_Rober
    Historic F5 Account
    Jan 04, 2007
    Hi,

     

     

    You might be interested in the Messaging Security Module recently announced:

     

     

    http://www.f5.com/communication/press/2006/release112006.html

     

     

    http://www.securecomputing.com/index.cfm?sKey=1669

     

     

    Availability 1//15/07.

     

     

    Regards,

     

    Wes