Forum Discussion

Nimbostratus

Feb 08, 2024

I need an ASM i-rule that drops the connection upon the occurrence of a violation.

Hi; I need an ASM i-rule that drops the connection upon the occurance of a violation. I don't want to present the default "Blocking response page" to the user, but rather drop the TCP connection....

security

JRahm

Admin

Feb 12, 2024

Sometimes the handoffs between the primary proxy and plugin architecture clients like ASM are obscure. You might need to set a variable in the ASM event and then evaluate in the HTTP_RESPONSE_RELEASE event. Try something like this:

when ASM_REQUEST_VIOLATION {
    set req_violation 1
}
when HTTP_RESPONSE_RELEASE {
    if { [info exists req_violation] } {
        drop
    }
}

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

I need an ASM i-rule that drops the connection upon the occurrence of a violation.

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

T4 and ALL tenant images

Unable to Forward APM and AFM Logs to AWS CloudWatch Using Telemetry Streaming

Managing iRules configuration

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

[ASM] - How to disable the SQL injection attack signatures

Related Content

KEV Guardrails on BIG-IP: iRules + AWAF custom violations for Vite, Versa Concerto, and Zimbra

Separating False Positives from Legitimate Violations

Site-to-Site Connectivity in F5 Distributed Cloud Network Connect – Reference Architecture

Rate limiting GraphQL API query using iRule and Advanced WAF Violation

AWS Transit Gateway Connect: GRE + BGP = ?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS