Irule for TCP DATA verification

Question

Hi Experts,
I have created the below iRule, Kindly can you please suggest to tune it.
I am looking for three conditions to match in a connection to allow the user.
For Eg: The Client ID (TID) should be Equal to Serial Number (TSN) and its MAC (MAC)
when CLIENT_ACCEPTED {    
    TCP::collect 
}

when CLIENT_DATA {          
set payload [TCP::payload] 
regexp {} payload TID
regexp {} payload TSN
set TSN "$TSN,"
set MAC LINK::lasthop
concatenate the two variables
set total "$TSN$MAC" 
set value [class match -name $TID equals string_Data_group ]

if {$value ne $total}{
    reject
    }

}

Thanks,
Ibrahim

stanislas_piro2 · Answer

Hi,&nbsp;
The main problem in your irule is the regexp command twice of all payload data for any TCP .&nbsp;
What is the regexp pattern? this seems empty. can you search pattern without regex (string with fixed length, encoded string length in headers, ...)?&nbsp;

Forum Discussion

Irule for TCP DATA verification

1 Reply

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

2026 301a exam

UCS Encryption Question

Unblock Request WAF

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

VIP in https that redirect to another vip in https

Related Content

Intermediate iRules: Data-Groups

Google Authenticator Token Verification iRule For APM

Google Authenticator Verification iRule (TMOS v11.1+ optimized)

SSL Bridging verification

v11: iRules Data Group Updates

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS