Forum Discussion

kh1's avatar
kh1
Icon for Nimbostratus rankNimbostratus
Apr 21, 2024

Irule for Host block with custom ASM violation

Dears,

 

I have following scenarios, 

1. if Traffic from Internal user/IP --- > Allow connection 

2. Traffic from internet
2.1) Block access only on Host name ( URL ), That is -----> https://XYZ.com
2.2) Allow access to URI's, Thats is ------- > https://XYZ.com/abc or https://XYZ.com/*

 

 

I tried multiple way and find some solution but its not working. Its great if some one helps here

 

when HTTP_REQUEST {
    set reqBlock 0
    if {[string tolower [HTTP::host]] eq "XYZ.Google.com" && [IP::addr [IP::client_addr] equals "10.0.0.0/8"]} {
        log local0. "[IP::client_addr] triggered geo"
        set reqBlock 1
    }
}

when ASM_REQUEST_DONE {
    if {$reqBlock == 1} {
        ASM::raise VIOLATION_URL_GEOLOCATION
    }
}

 

No RepliesBe the first to reply