Forum Discussion
Cirrostratusirule to match string in /var/log/ltm
Adminwhere are you setting diA variable? even when that gets set, $diA will be evaluated as a command and fail as well with the brackets, so you'll want to rewrite that to something like:
if { $dia eq "..."} {
set res ...
}I'm assuming your testing here, and likely you'll use tables to store the fingerprints? That'll be a lot of manual configuration of them otherwise.
CirrostratusI'm testing Device ID+ with ASM (PoC), i imported the iApp, and used the following irule, what i want to do something with it... im connecting to a website from another PC and i logged my device id and i want to blocked my pc.
when HTTP_REQUEST {
if [HTTP::cookie exists _imp_apg_r_] {
set deviceid [URI::decode [HTTP::cookie _imp_apg_r_]]
log local0. "URL Decoded cookie is $deviceid"
set deviceida [lindex [regexp -inline -- (?:"diA":")(.*?)(?:") $deviceid] 1]
log local0. "diA = $deviceida"
set deviceidb [lindex [regexp -inline -- (?:"diB":")(.*?)(?:") $deviceid] 1]
log local0. "diB = $deviceidb"
log local0. "IP is [IP::client_addr]"
log local0. "Path os [HTTP::path]"
} else {
log local0. "No cookie"
}
}
CA_ValliMVP
Hello Mohanad,
based on logging instruction on line 6, the variable that will contain diA is $deviceida
$diA does not exist in your code, there is no such line that sets diA variable/value pair
Moreover, as Jason already mentioned, your if statement will fail since you are using square brackets incorrectly -- to keep it simple their purpose in iRule would be for retrieving packet data such as [HTTP::header] , or for operations such as line 5 of your code where you calculate diA (read TCL references for a complete overview)
You will need to adjust BOTDEFENSE_ACTION if statement as follows:
when BOTDEFENSE_ACTION { if { $deviceida equals "AYrQyWEAAAAACxF5RBPJyPdDICteKxbw" } { set res [BOTDEFENSE::action tcp_rst] BOTDEFENSE::action custom_response "sorry\ni am blocking you\n" } }
