Forum Discussion
I need an ASM i-rule that drops the connection upon the occurrence of a violation.
Hi;
I need an ASM i-rule that drops the connection upon the occurance of a violation. I don't want to present the default "Blocking response page" to the user, but rather drop the TCP connection.
I have tried
when ASM_REQUEST_BlOCKING {
drop
}
and the response page still comes up.
I have also tried the following ASM i-rule in compatibility mode
when ASM_REQUEST_VIOLATION {
drop
}
Still the response page is coming up.
Kindly
Wasfi
- Jeffrey_GranierEmployee
something like this might work.
when ASM_REQUEST_VIOLATION {
# When a request violation occurs, drop the TCP connection
drop
}when ASM_RESPONSE_VIOLATION {
# When a response violation occurs, drop the TCP connection
drop
} - JRahmAdmin
Sometimes the handoffs between the primary proxy and plugin architecture clients like ASM are obscure. You might need to set a variable in the ASM event and then evaluate in the HTTP_RESPONSE_RELEASE event. Try something like this:
when ASM_REQUEST_VIOLATION { set req_violation 1 } when HTTP_RESPONSE_RELEASE { if { [info exists req_violation] } { drop } }
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com