For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Hoang_Hung's avatar
Hoang_Hung
Icon for Cirrus rankCirrus
Sep 17, 2021

[Irule][ASM] Header name with no header value

Hi all I have setup a ASM profile and all my application will through BIG-IP WAF. But I have a issue " HTTP Protocol Compliance Failed: Header name with no header value " for a resquest with heade...
application delivery
ASM Advanced WAF
devops
iRules
Hoang_Hung's avatar
Hoang_Hung
Icon for Cirrus rankCirrus
Sep 18, 2021

Thank Oguzy

I was been read article, I saw F5 use irule get violation name.

But I had event log on F5. Is it Http protocol compliance failed , right ?

Thanks

Hoang Hung

oguzy's avatar
oguzy
Icon for Cirrostratus rankCirrostratus
Sep 18, 2021

Hi Hoang,

 

Could you please try to determine the exact violation name using the following steps:

 

  1. Log in to the Configuration utility.
  2. Go to Local Traffic iRules > iRule list.
  3. Select Create.
  4. For Definition, enter the following iRule code:
  5. when ASM_REQUEST_DONE {
  6. log local0. "ASM violation name: [ASM::violation names]"
  7. }
  8. Select Update.
  9. Associate the iRule with the appropriate virtual server.
  10. Send a request that triggers the violation that you want to forward to the OWS.
  11. Log in to the BIG-IP command line and search for the name of the violation.
  12. For example:
  13. grep -i violation /var/log/ltm
  14. The following log entry shows an example of a violation name as it should be used in the iRule:
  15. tmm[25875]: Rule /Common/asm_violation <ASM_REQUEST_DONE>: ASM violation name: VIOLATION_ILLEGAL_METHOD
  16. After you determine the violation name that you want to use in the iRule, you can remove the previous iRule from the virtual server configuration.