For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

axteliano_34959's avatar
axteliano_34959
Icon for Nimbostratus rankNimbostratus
Apr 03, 2018

how respond a request http of unix time from f5

hi guys, i have a request http that is saturating my servers this request is random, the request is of time of server. take a look: GET /Mirada_Test-portal-fw-war-11.6.3/private/poll2.ajax?h...
BIG-IP
devops
iRules
crodriguez's avatar
crodriguez
Ret. Employee
Apr 03, 2018

The question begs, is the hash parameter value important to the server's response. If hash value is not important, you could perhaps use something like this below. Looks like the server is currently responding with Unix clock time in milliseconds. You don't show any other parts of the HTTP response so it's hard to tell what else is coming along with the response portion you provided, if anything, such as the status code or HTTP headers or whether the connection is closed afterward. You will probably have to make some adjustments to the response to get it to match precisely the server is currently sending.

 

when HTTP_REQUEST {
    if { [HTTP::uri] starts_with "/Mirada_Test-portal-fw-war-11.6.3/private/poll2.ajax?hash=" } {
        HTTP::respond 200 content "\{\"cachedClasses\":\[\],\"currentServerTime\":[clock clicks -milliseconds]\}" "Connection" "close"
    }
}

I suppose you could also consider just dropping the traffic instead of responding. I don't know how critical these time requests are from the client. They may just be nuisance traffic. Another DevCentral user was looking for a way to do something similar here.