For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Michael_Jenkins's avatar
Michael_Jenkins
Icon for Cirrostratus rankCirrostratus
Jun 29, 2015

I assume you're using the 

HTTP_REQUEST
event in your cherry-picking iRule?

In that case, you may want to check out this article that shows the event flow with regard to APM connections.

The 

HTTP_REQUEST
event is one of the first things to get executed (before any of the APM stuff happens). Because of this, you could do a couple things:

  1. Check for an 
    MRHSession
    cookie and then check the 
    [ACCESS::policy result]
    for 
    allow
    and if that's the case, perform your check on the uri.
  2. Handle the initial request from the 
    ACCESS_POLICY_COMPLETED
    event instead (or in addition to the HTTP_REQUEST event). Probably wouldn't recommend this one since it's more complex...

Hope this helps.