For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Snl's avatar
Snl
Icon for Cirrostratus rankCirrostratus
Oct 18, 2018

Irule help

Folks

 

I have requirement to the request start with /abc/ directory and contains the parameter si or di the value of this parameter should not exceed more than 50 characters , if exceed should drop if less should allow. cheers snl

 

application delivery
ASM Advanced WAF
iRules

2 Replies

  • Snl's avatar
    Snl
    Icon for Cirrostratus rankCirrostratus
    Oct 18, 2018

    done some research found below , how i can call the parameters in this particular those 2 value

    when RULE_INIT {
  set DEBUG 1
  set sec_http_max_post_data_length 50
}

when HTTP_REQUEST {
  if { [string tolower [HTTP::uri]] equals "/abc/" and [HTTP::method] equals "POST" } {
    set len [HTTP::header "Content-Length"]
      if { [expr $len > $::sec_http_max_post_data_length] } {
        log local0. "  SEC-ALERT: POST Length: uri=[HTTP::uri]; len=$len; max_len=$::sec_http_max_post_data_length"
        reject
      }
    }
  }
}
  • Kevin_Stewart's avatar
    Kevin_Stewart
    Icon for Employee rankEmployee
    Oct 18, 2018

    You'll want to create static variables in RULE_INIT to maintain CMP.

    when RULE_INIT {
    set static::DEBUG 1
    set static::sec_http_max_post_data_length 50
}
when HTTP_REQUEST {
    if { ( [string tolower [HTTP::uri]] equals "/abc/" ) and ( [HTTP::method] equals "POST" ) } {
        set len [HTTP::header "Content-Length"]
        if { [expr {$len > $static::sec_http_max_post_data_length}] } {
            log local0. "  SEC-ALERT: POST Length: uri=[HTTP::uri]; len=$len; max_len=$static::sec_http_max_post_data_length"
            reject
        }
    }
}