Xin_99652
Feb 23, 2015

iRules and Data Group

We need to reject some HTTP requests based on User-Agent.

We have an iRule that works; I would like to rewrite it using a Data Group.

    when HTTP_REQUEST {
        if { ([string tolower [HTTP::header "User-Agent"]] contains "majestic12") ||
             ([string tolower [HTTP::header "User-Agent"]] contains "yandex") ||
             ([string tolower [HTTP::header "User-Agent"]] contains "ahrefs") ||
             ([string tolower [HTTP::header "User-Agent"]] contains "yisou") } {
            log local0. "Blocked src=[IP::client_addr] src_port=[TCP::client_port],agent= [HTTP::header User-Agent]"
            reject
        }
    }

I created a Data Group called Blockbots that has all 4 records with string type.

With this, it doesn't work:

    when HTTP_REQUEST {
        if { [matchclass [string tolower [HTTP::header "User-Agent"]] contains Blockbots] } {
            log local0. "Blocked src=[IP::client_addr] src_port=[TCP::client_port],agent= [HTTP::header User-Agent]"
            reject
        }
    }

Based on the log it doesn't work.

Can someone tell me why?

Thanks, Xin

2 Replies

  • nathe

    matchclass is deprecated now. Try class match instead, unless you're pre-v10 of course.

     

    N

     

  • nathe

    when HTTP_REQUEST {
       switch -glob [string tolower [HTTP::header User-Agent]] {
          "*majestic12*" -
          "*yandex*" -
          "*ahrefs*" -
          "*yisou*" -
          "*teoma*" {
            reject
            log local0. "Blocked src=[IP::client_addr]      src_port=[TCP::client_port],agent= [HTTP::header User-Agent]"
          }
       }
    }
    

    By the way, this is a cleaner irule. Not checked syntax though.

    N
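
The data-group form of the User-Agent filter using `class match`, as suggested in the first reply. This is an added example, not code posted by either participant. It assumes a string-type data group named Blockbots (the name from the question) whose records are stored in lowercase, since the header is lowercased before matching; the variable names `ua` and `hit` are illustrative.

```tcl
# Added example, not from the thread.
# Assumes a string-type data group "Blockbots" with lowercase records
# (majestic12, yandex, ahrefs, yisou).
when HTTP_REQUEST {
    # Lowercase once; the data group comparison is case-sensitive,
    # so the records must be lowercase as well.
    set ua [string tolower [HTTP::header "User-Agent"]]

    # -name returns the name of the first record that is a substring
    # of $ua, or an empty string when nothing matches.
    # "--" ends option parsing so a User-Agent beginning with "-"
    # is not read as a class option.
    set hit [class match -name -- $ua contains Blockbots]

    if { $hit ne "" } {
        log local0. "Blocked src=[IP::client_addr] src_port=[TCP::client_port], matched=$hit, agent=[HTTP::header User-Agent]"
        reject
        return
    }
}
```

Logging the matched record name shows which data group entry triggered each block, which helps when the list is later extended without touching the iRule.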