Forum Discussion
YossiV
Nimbostratus
NimbostratusIrule for Data group List to Block specific cookie
Hi.
i am wondering if there is any option to create a datagroup (string type)
and assign it to an irule which will block the request ( for example response 403) base on the cookie that the client co...
jgranieriNimbostratus
NimbostratusI am far from a programmer and irule expert but these are basically what you need to do.
Use the event handler When HTTP_REQUEST to capture the header containing the cookie, store it in a variable. Log it or not and then compare it to the string data-group and take an action.
so here is something that you can work off of. You need to pre-configure a pool, a string based data-group. The syntax might be off as I quickly threw it together but you should be able to work off of this and get it going.
when CLIENT_ACCEPTED {
log local0. "[IP::client_addr]: HTTP Client Connected"
}
when HTTP_REQUEST {
set Found_Cookie"[HTTP::header value Cookie]"
Your choice to log this or not
log local0. "Detected Cookie as $Found_Cookie"
if { [class match $Found_Cookie contains Cookie_String_Data_Group } {
log local0. "Cookie matches data-group and this connection will be rejected"
reject
}
} else {
log local0. "Cookie does not match the reject list Allowing connection"
pool XYZ
}
