For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Brandon's avatar
Brandon
Icon for Cirrostratus rankCirrostratus
Jan 29, 2019
Solved

iRule error

When i try to save the IRULE it gives me the following error. Trying to block all non app traffic to vip combined with using a SDK on ASM

 

Here are the errors

 

1070151:3: Rule [/Common/ASM_SDK] error: /Common/ASM_SDK:3: error: [command is not valid in current event context (HTTP_REQUEST)][BOTDEFENSE::reason]

 

/Common/ASM_SDK:2: error: [command is not valid in current event context (HTTP_REQUEST)][BOTDEFENSE::action]

 

Below is the iRule:

 

when HTTP_REQUEST { if { ([BOTDEFENSE::action] eq "allow") && (not ([string tolower [BOTDEFENSE::reason]] starts_with "valid mobile application cookie")) } { BOTDEFENSE::action tcp_rst } }

 

application delivery
ASM Advanced WAF
iRules
security
  • Andrew-F5's avatar
    Andrew-F5
    Jun 10, 2019

    The 'BOTDEFENSE::reason' is only valid in the event 'BOTDEFENSE_ACTION' so your iRule would have to look like the following:

    when BOTDEFENSE_ACTION { 
	if { ([BOTDEFENSE::action] eq "allow") && (not ([string tolower [BOTDEFENSE::reason]] starts_with "valid mobile application cookie")) } {
		BOTDEFENSE::action tcp_rst
	}	
}

    Documentation: Clouddocs > BIG-IP API Reference > BOTDEFENSE::reason

1 Reply

  • Andrew-F5's avatar
    Andrew-F5
    Icon for Employee rankEmployee
    Jun 10, 2019

    The 'BOTDEFENSE::reason' is only valid in the event 'BOTDEFENSE_ACTION' so your iRule would have to look like the following:

    when BOTDEFENSE_ACTION { 
	if { ([BOTDEFENSE::action] eq "allow") && (not ([string tolower [BOTDEFENSE::reason]] starts_with "valid mobile application cookie")) } {
		BOTDEFENSE::action tcp_rst
	}	
}

    Documentation: Clouddocs > BIG-IP API Reference > BOTDEFENSE::reason