Chris_Wentland2
May 01, 2006

Filtering iRule

Hey all,

I'm looking to modify an existing iRule that looks at the UDP payload in a request and then drops certain requests but allows others. I want to expand it to filter and log certain requests, and process the others via a class file instead of an IF, ELSEIF, ELSE string of rules. Let me know if you see anything out of place with the rule below.

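class log_sso {
}

class reject_sso {
    anonymous
    Enter your SSO ID here
}

when CLIENT_DATA {
    # matchclass returns the 1-based index of the matching class entry, or 0 if none matches
    set log_sso [matchclass [UDP::payload] contains $::log_sso]
    set reject_sso [matchclass [UDP::payload] contains $::reject_sso]

    if { 0 != $log_sso } {
        # Look up the matched entry (convert the 1-based index for lindex)
        set sso [lindex $::log_sso [expr {$log_sso - 1}]]
        set client_ip [IP::client_addr]
        set payload [UDP::payload]
        log local0. "User $sso connected via AP with IP address $client_ip. payload = $payload"
    } elseif { 0 != $reject_sso } {
        # Payload matched the reject list: drop the datagram
        discard
    } else {
        # No match in either list: load balance to the auth servers
        pool wlauth-servers
    }
}
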
Thanks!!
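
An added example, not part of the original post and not F5 code: a plain-Tcl model of the rule's decision logic that runs in tclsh off the BIG-IP, to check which branch a given payload takes, including a payload that matches both lists. The proc names, sample SSO IDs and payload strings are constructed, and the model assumes matchclass returns the 1-based index of the matching class entry, or 0 when nothing matches.

```tcl
# Plain Tcl (tclsh) model of the rule's branch selection; runs off-box.
# Assumption: matchclass ... contains returns the 1-based index of the
# first class entry found inside the value, or 0 when nothing matches.
proc matchclass_contains {value class} {
    set idx 0
    foreach item $class {
        incr idx
        if {[string first $item $value] >= 0} { return $idx }
    }
    return 0
}

# Returns the action the rule would take for one datagram payload.
# Branch order mirrors the rule: the log list is tested before the
# reject list, so a payload matching both is logged, not discarded.
proc decide {payload log_class reject_class} {
    set log_idx    [matchclass_contains $payload $log_class]
    set reject_idx [matchclass_contains $payload $reject_class]
    if {$log_idx > 0} {
        # Same lookup as the rule: convert the 1-based index for lindex.
        return [list log [lindex $log_class [expr {$log_idx - 1}]]]
    } elseif {$reject_idx > 0} {
        return [list discard [lindex $reject_class [expr {$reject_idx - 1}]]]
    }
    return [list pool wlauth-servers]
}

# Constructed sample data: simplified text payloads, not real traffic.
set log_sso    [list "jdoe" "asmith"]
set reject_sso [list "anonymous" "baduser"]
set samples [list \
    "User-Name=jdoe;NAS=ap01" \
    "User-Name=anonymous;NAS=ap02" \
    "User-Name=mbrown;NAS=ap03" \
    "User-Name=jdoe;note=anonymous"]

foreach payload $samples {
    puts [format "%-32s -> %s" $payload [decide $payload $log_sso $reject_sso]]
}
```

Testing against 0 rather than -1 matters in this model: with a -1 sentinel every payload would take the log branch, and the reject list would never be consulted.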