irule for IP rejection for malicious IPs

create a Data Group [threat_categories_dg] with your reject categories and try the below

when RULE_INIT {
    
    set static::threat_categories_dg "threat_categories_dg"

}

when CLIENT_ACCEPTED {

set client_ip [IP::client_addr]
set threat_categories [IP::reputation $client_ip]

if { [class match $threat_categories contains $static::threat_categories_dg] } {
            { log local0. "Dropping request. VS IP: [IP::local_addr], Client IP: $client_ip, Threat Category: $threat_categories, Country: [whereis $client_ip country]" }
            drop
    }
    
}