kridsana
Feb 27, 2018Cirrocumulus
iRule for ASM response page and error when use HTTP::respond
Hi I've problem about irule below which i try to customize information in response page of ASM via irule.
In this case we trigger ASM_REQUEST_DONE and get all parameter of violation data.and we use HTTP::respond and send information needed to user.
Problem is when we use HTTP::respond we got error in ltm log like this and connection is reset. (can't see any response page)
Error :http_process_state_prepend - Invalid action:0x109071 clientside (192.168.1.154:50013 -> 192.168.200.22:80) ((null connflow)) (Client side: vip=/Common/VS_Auction profile=http pool=/Common/Pool_auction client_ip=192.168.1.154)
Is there another way to send HTML respond to user? When we remove HTTP::respond line, It's working fine.
when ASM_REQUEST_DONE {
set x [ASM::violation_data]
for {set i 0} { $i < 7 } {incr i} {
switch $i {
0 { log local0. "violation=[lindex $x $i]" }
1 { log local0. "support_id=[lindex $x $i]" }
2 { log local0. "web_application=[lindex $x $i]" }
3 { log local0. "severity=[lindex $x $i]" }
4 { log local0. "source_ip=[lindex $x $i]" }
5 { log local0. "attack_type=[lindex $x $i]" }
6 { log local0. "request_status=[lindex $x $i]" }
}
}
if {([lindex $x 6] == "blocked")}
{
In this case we only use 2 parameter: support id and source ip
set supportid [lindex $x 1]
set sourceip [lindex $x 4]
HTTP::respond 200 content "Test block pagePage is currently unavailable.
support id:$supportid
source ip:$sourceip" "Content-Type" "text/html"
}
}