kh1
Apr 21, 2024Nimbostratus
Irule for Host block with custom ASM violation
Dears,
I have following scenarios,
1. if Traffic from Internal user/IP --- > Allow connection
2. Traffic from internet
2.1) Block access only on Host name ( URL ), That is -----> https://XYZ.com
2.2) Allow access to URI's, Thats is ------- > https://XYZ.com/abc or https://XYZ.com/*
I tried multiple way and find some solution but its not working. Its great if some one helps here
when HTTP_REQUEST {
set reqBlock 0
if {[string tolower [HTTP::host]] eq "XYZ.Google.com" && [IP::addr [IP::client_addr] equals "10.0.0.0/8"]} {
log local0. "[IP::client_addr] triggered geo"
set reqBlock 1
}
}
when ASM_REQUEST_DONE {
if {$reqBlock == 1} {
ASM::raise VIOLATION_URL_GEOLOCATION
}
}