F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Grandiser's avatar
Grandiser
Icon for Nimbostratus rankNimbostratus
Feb 08, 2024

I need an ASM i-rule that drops the connection upon the occurrence of a violation.

Hi;   I need an ASM i-rule that drops the connection upon the occurance of a violation. I don't want to present the default "Blocking response page" to the user, but rather drop the TCP connection....
security
JRahm's avatar
JRahm
Icon for Admin rankAdmin
Feb 12, 2024

Sometimes the handoffs between the primary proxy and plugin architecture clients like ASM are obscure. You might need to set a variable in the ASM event and then evaluate in the HTTP_RESPONSE_RELEASE event. Try something like this:

when ASM_REQUEST_VIOLATION {
    set req_violation 1
}
when HTTP_RESPONSE_RELEASE {
    if { [info exists req_violation] } {
        drop
    }
}