Frank_Nsubuga_3
Dec 19, 2018

iRule using switch -glob to block URI containing /xyz/* but allow /xyz/abc

Hi, I'm trying to achieve what's written in the title but I'm struggling.

What I've got below is where I'm at:

How do I fix it so the traffic for "/ecp/?rfr=owa&owaparam=modurl%3d0&p=organize/automaticreplies.slab" doesn't always get dropped by the rule for "/ecp/*"?

Thanks,

Frank

when HTTP_REQUEST {
    switch -glob -- [string tolower [HTTP::path]] {
        "/owa*" {
            pool f5lab-https-pool
            log local0. "OWA rule hit"
            ASM::enable "test"
            return
        }
        "/ecp/?rfr=owa&owaparam=modurl%3d0&p=organize/automaticreplies.slab" {
            log local0. "ECP extra rule hit"
            pool f5lab-https-pool
            ASM::enable "test"
            return
        }
        "/ecp/*" {
            pool f5lab-https-pool
            log local0. "ECP wildcard rule hit"
            reject
        }
    }
}

  • As a note, I've already checked the dev articles and F5 articles discussing the different conditions when using switch/glob.

    None of them explain how to block /xyz but allow /xyz_abc.

    Any help or suggestions are appreciated.

    Thanks!

  • You're using the "string tolower" so your switch statement won't match. Change all to lower case.

    Ex: /newURI/ExtraPart1/ExptraPart2.mail should be /newuri/extrapart1/exptrapart2.mail

  • With URI `/ecp/?rfr=owa&owaparam=modurl%3d0&p=organize/automaticreplies.slab`, `[string tolower [HTTP::path]]` will return:

    /ecp/

    So the code must be:

    when HTTP_REQUEST {
        switch -glob -- [string tolower [HTTP::path]] {
            "/owa*" {
                pool f5lab-https-pool
                log local0. "OWA rule hit"
                ASM::enable "test"
                return
            }
            "/ecp/" {
                log local0. "ECP extra rule hit"
                pool f5lab-https-pool
                ASM::enable "test"
                return
            }
            "/ecp/*" {
                pool f5lab-https-pool
                log local0. "ECP wildcard rule hit"
                reject
            }
        }
    }
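
The behaviour the answer above relies on, as an added example in plain Tcl (runnable with tclsh; not an iRule and not code from the thread): the path/query split stands in for `HTTP::path` and `HTTP::query`, and the check on the `p` parameter is an assumed tightening so that only the automatic-replies page is let through instead of every `/ecp/` query. The proc names and sample URIs are constructed for illustration, and the query value is compared undecoded.

```tcl
# Added example (plain Tcl, not an iRule). split_uri models what
# HTTP::path and HTTP::query return: the parts before and after the first "?".
proc split_uri {uri} {
    set idx [string first "?" $uri]
    if {$idx < 0} { return [list $uri ""] }
    set path  [string range $uri 0 [expr {$idx - 1}]]
    return [list $path [string range $uri [expr {$idx + 1}] end]]
}

# Return the raw (undecoded) value of one query parameter, or "" if absent.
proc query_param {query name} {
    foreach pair [split $query "&"] {
        set eq [string first "=" $pair]
        if {$eq < 0} { continue }
        if {[string range $pair 0 [expr {$eq - 1}]] eq $name} {
            return [string range $pair [expr {$eq + 1}] end]
        }
    }
    return ""
}

proc route {uri} {
    lassign [split_uri $uri] path query
    switch -glob -- [string tolower $path] {
        "/owa*" { return "allow-owa" }
        "/ecp/" {
            # The path never contains the query, so "/ecp/" alone admits any
            # query string. Assumed tightening: pin the one page to allow.
            if {[string tolower [query_param $query "p"]] eq "organize/automaticreplies.slab"} {
                return "allow-ecp"
            }
            return "reject"
        }
        "/ecp/*" { return "reject" }
        default  { return "default" }
    }
}

# Constructed sample URIs.
foreach uri {
    "/owa/auth/logon.aspx"
    "/ecp/?rfr=owa&owaparam=modurl%3d0&p=organize/automaticreplies.slab"
    "/ecp/?p=other/page.slab"
    "/ecp/default.aspx"
    "/ECP/Users/Mailboxes.slab"
} {
    puts [format "%-70s -> %s" $uri [route $uri]]
}
```

Only the second URI returns `allow-ecp`; the other three `/ecp/` requests are rejected, including the mixed-case one, because the path is lowercased before matching.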