Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

smiley_dba_1116's avatar
smiley_dba_1116
Icon for Nimbostratus rankNimbostratus
Mar 23, 2016

F5 APM - iRule reviewing pattern matching

is there a way to look at a user login and if the F5 sees a unique pattern.....say 3 alpha characters and 4 numeric characters, deny the request or redirect.

 

RGW

 

2 Replies

  • Josiah_39459's avatar
    Josiah_39459
    Historic F5 Account
    Mar 23, 2016

    Sure you could write an irule to do this, have an irule event trigger it, store the result in a session variable, and then take a branch path to deny based on the result variable. If you really wanted to you could even use an Empty box in the VPE and put all the TCL into the branch selection, but that might get a little hairy as you have to write it all on one line.

     

  • JG's avatar
    JG
    Icon for Cumulonimbus rankCumulonimbus
    Mar 23, 2016

    I have not tested the following but it will give you something to get started with:

    when ACCESS_ACL_ALLOWED {
    if {[string tolower [ACCESS::session data get "session.logon.last.username"]] matches_regex {^[A-Za-z]{3}\d{4}$} } {
        HTTP::redirect http://my.other.place/
    }
}