For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Adrien_Legros_1's avatar
Adrien_Legros_1
Icon for Altostratus rankAltostratus
Apr 13, 2012

Insert the ASM support ID in the headers

We want to insert the ASM support id for each request that goes through the BigIP (Good or bad). When I tried the following code, I receive errors in the LTM logs.   I'm using version 11.1 hotfix 2...
application delivery
dev
devops
iRules
nitass's avatar
nitass
Icon for Employee rankEmployee
Apr 13, 2012
i have to remove clientside {} in the irule. 

root@ve1110(Active)(/Common)(tmos) list ltm virtual bar
ltm virtual bar {
    destination 172.28.19.252:80
    http-class {
        asmclass
    }
    ip-protocol tcp
    mask 255.255.255.255
    pool foo
    profiles {
        http { }
        tcp { }
    }
    rules {
        myrule
    }
    snat automap
    vlans-disabled
}
root@ve1110(Active)(/Common)(tmos) list ltm pool foo
ltm pool foo {
    members {
        200.200.200.101:80 {
            address 200.200.200.101
            priority-group 10
        }
    }
    min-active-members 1
}
root@ve1110(Active)(/Common)(tmos) list ltm rule myrule
ltm rule myrule {
    when HTTP_REQUEST_RELEASE {
   log local0. "\[ASM::violation_data\]: [ASM::violation_data]"
   HTTP::header insert ASM-SUPPORT-ID [lindex [ASM::violation_data] 1]
   log local0. "ASM-SUPPORT-ID: [HTTP::header ASM-SUPPORT-ID]"
}
}

 packet trace

[root@ve1110:Active] config  ssldump -Aed -nni 0.0 port 80
New TCP connection 1: 172.28.19.251(39744) <-> 172.28.19.252(80)
1334326859.3323 (0.0009)  C>S
---------------------------------------------------------------
GET / HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Host: 172.28.19.252
Accept: */*

---------------------------------------------------------------

New TCP connection 2: 200.200.200.11(39744) <-> 200.200.200.101(80)
1334326859.3389 (0.0040)  C>S
---------------------------------------------------------------
GET / HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Host: 172.28.19.252
Accept: */*
ASM-SUPPORT-ID: 11937397497950896179

---------------------------------------------------------------

 ltm log

[root@ve1110:Active] config  cat /var/log/ltm
Apr 13 07:20:54 tmm notice tmm[7321]: 013e0001:5: Tcpdump starting bcast on 127.1.1.2:2 from 127.1.1.1:34736
Apr 13 07:20:59 tmm info tmm[7321]: Rule /Common/myrule : [ASM::violation_data]: {} 11937397497950896179 /Common/asmclass Informational 172.28.19.251 {} alarmed
Apr 13 07:20:59 tmm info tmm[7321]: Rule /Common/myrule : ASM-SUPPORT-ID: 11937397497950896179
Apr 13 07:21:34 tmm notice tmm[7321]: 013e0002:5: Tcpdump stopping on 127.1.1.2:2 from 127.1.1.1:34736