Forum Discussion
nested if iRule
Hi, I am trying to develop an iRule that will flow through several conditions, breaking out as soon as a condition is false to make it efficient. It doesn't seem to be working but not sure why.
Here is what I have -
priority 150 when HTTP_REQUEST { if { [HTTP::method] equals "POST" } { if { [HTTP::uri] contains "/URI-In-Question/" } { HTTP::collect 100} if { !([HTTP::payload 100] contains "keyword")}{ reject}
} }
So the goal here is to test if the request is a POST and if not, stop processing. If the request is a POST, then check to match the URI. If the URI doesn't match, stop processing. If the URI matches then grab the first 100 bytes of the POST payload and evaluate that payload for a keyword, if the keyword is not present in that first 100 bytes of payload, then reject the request, otherwise process the request.
The behavior I am seeing is very inconsistent and not what I am trying to achieve. I know I need to add some error checking and all that around content length but the basic rule isn't working yet.
Any thoughts or suggestions?
Thanks in advance.
- Michael_JenkinsCirrostratus
I would recommend joining the first two if conditions and then follow the code at this site as an example of how to grab the request payload. Then in the http request data event you cam check the payload and reject if necessary.
I can't write the code for you at the moment though I can help with that in a little while. But that link should at least point you in the right direction.
- nitassEmployee
can you try something like this?
[root@ve11a:Active:In Sync] config tmsh list ltm rule qux ltm rule qux { when HTTP_REQUEST { if { [HTTP::method] equals "POST" } { if { [HTTP::uri] contains "/URI-In-Question/" } { HTTP::collect 100 } else { Stop processing return } } else { Stop processing return } } when HTTP_REQUEST_DATA { if { not ([HTTP::payload 100] contains "keyword") } { Reject reject } } }
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com