Irule related with static content filtering with more url after suffix

Does the URI start with "/xyz"? If so, you can change that "ends_with" to a "starts_with". Otherwise you migt consider a "contains" operator.

Additionally, if this is a v10 system or higher, you're better off using the class match command instead of the now deprecated matchclass.

when HTTP_REQUEST {
    if { [class match [stirng tolower [HTTP::uri]] starts_with images] } {
        return
    } else {
        reject
    }
}

uri depends on start it can be under anything. non specified.

 

could be ;

 

www.xyz.com/a/1.jpg or www.xyz.com/ads/asd/5.bmp

 

I try to do only allow images but at the same time accept the query after the image if there is any.

 

By the way i test the rule you just wrote it did not work. gives reset. i fix type btw.

 

also if i set url contains url might be contain .jpg ant not be the suffix of a file.

 

xyz.com/das/das/dasdasdasdqweqw.jpg342432423?2132131

 

Then contains will fail on this it will allow to pass to server.

 

Ah, well how about this.

when HTTP_REQUEST {
    if { [class match [string tolower [HTTP::path]] starts_with images] } {
        return
    } else {
        reject
    }
}

Using the [HTTP::path] command instead to "normalize" the URI (strip off the query string value).

No it did not work either. datagroup has this records

 

images data group string .jpg .bmp .png

 

curl -H "Host:xyz.com" http://10.10.11.11/1.jpg?1 -I curl -H "Host:xyz.com" http://10.10.11.11/1.jpg -I

 

when i send request response is curl: (52) Empty reply from server it rejects

 

Typo. This works for me:

when HTTP_REQUEST {
    if { [class match [string tolower [HTTP::path]] ends_with images] } {
        return
    } else {
        reject
    }
}

Thank you Kevin best and number one as always. works both with querystrings and without and only accept the group added on data format.

 

Thanks again Take care and be well.