YossiV
Mar 26, 2019
Nimbostratus
iRule to block specific users from logging in to back office system
Hi guys, I need your help to fine-tune my iRule script. I need to catch the username (convert it to lower case) and then match it against the data group list. If it does not exist in the data group list, send 403. So basically it is a POST method only, and the URI always comes with /login. The payload is form data that contains the username and the password, as you see in the form data. My iRule looks like this:
Code
when CLIENT_ACCEPTED {
    log local0. "[IP::client_addr]: HTTP Client Connected"
}
when HTTP_REQUEST {
    if {([string tolower [HTTP::uri]] ends_with "login") and ([HTTP::method] eq "POST")} {
        # Trigger collection for up to 1MB of data
        if {[HTTP::header "Content-Length"] ne "" && [HTTP::header "Content-Length"] <= 1048576} {
            set content_length [HTTP::header "Content-Length"]
        } else {
            set content_length 1048576
        }
        # Check if $content_length is not set to 0
        if { $content_length > 0} {
            HTTP::collect $content_length
        }
    }
}
when HTTP_REQUEST_DATA {
    set username [lindex [split [string tolower [HTTP::payload]] "\""] 3]
    log local0. "Split payload and take username"
    if { [class match $username equals BOAgentName] } {
        log local0. "username matches data-group and this connection will be rejected"
        log local0. "BoAgent Blocked. Agent=$username and Source IP=[IP::client_addr],"
        HTTP::respond 403
    } else {
        log local0. "BoAgent Allowed"
    }
}
but it's not working for me.. 😞
To get the username, use this command:
set username [URI::query "?[HTTP::payload]" username]
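
The suggestion in the answer above, placed into a full iRule as an added example (not code posted by anyone in the thread). It assumes the login body is application/x-www-form-urlencoded with a field named "username", and it follows the posted iRule in returning 403 when the name is found in the BOAgentName data group; add `!` in front of the `class match` test if the data group is meant to be an allow list instead.

```tcl
# Added example, not from the original thread.
# Assumptions: urlencoded body, field name "username", string data group BOAgentName.
when HTTP_REQUEST {
    # Match on the path only, so a query string cannot change the result
    if { ([string tolower [HTTP::path]] ends_with "login") and ([HTTP::method] eq "POST") } {
        # Collect at most 1MB of body, as in the question
        set content_length 1048576
        set cl [HTTP::header "Content-Length"]
        if { $cl ne "" && $cl <= 1048576 } {
            set content_length $cl
        }
        if { $content_length > 0 } {
            HTTP::collect $content_length
        }
    }
}
when HTTP_REQUEST_DATA {
    # URI::query parses a URI, so prefix the body with "?" to present it as a query string
    set raw [URI::query "?[HTTP::payload]" username]
    # Decode percent-escapes and lower-case before the lookup, so that
    # "%41gent1", "AGENT1" and "agent1" all compare as "agent1"
    set username [string tolower [string trim [URI::decode $raw]]]
    if { $username eq "" } {
        # No username field found: log it so parsing failures are visible
        log local0. "Login POST from [IP::client_addr] had no username field"
    } elseif { [class match $username equals BOAgentName] } {
        log local0. "BoAgent blocked. Agent=$username Source IP=[IP::client_addr]"
        HTTP::respond 403 content "Forbidden"
    } else {
        log local0. "BoAgent allowed. Agent=$username"
    }
}
```

The data group entries need to be stored in lower case for the `equals` match to hit after `string tolower`.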