For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

spiv's avatar
spiv
Icon for Altocumulus rankAltocumulus
Apr 28, 2020

Print string found in Data Group to Log

I have an iRule that is looking in the HTTP POST request method data payload for a string that is defined in a data-group. I would like to print to the log whichever string from the referenced data-group is found.

 

# See https://devcentral.f5.com/s/question/0D51T00006i7hpJSAQ/irule-to-block-requests-with-specific-word

#

#   ltm data-group internal restricted_dg {

#       records {

#           restricted {}

#       }

#       type string

#   }

 

when HTTP_REQUEST_DATA {

   set payload [HTTP::payload]

       if {[class match [string tolower $payload] contains "restricted_dg"]} {

#           set variable named restricted_text to the string found in $payload

# that matches something in data-group restricted_dg

           log local0. "Rejecting restricted content $restricted_text"

           reject

       }

}

application delivery
BIG-IP
data group
data-group
devops
http post
iRules
log
string

2 Replies

  • PeteWhite's avatar
    PeteWhite
    Icon for Employee rankEmployee
    Apr 28, 2020
    when HTTP_REQUEST_DATA {
    set payload [HTTP::payload]
    set value [class match -value [string tolower $payload] contains "restricted_dg"]
    if {$value != ""} {
#           set variable named restricted_text to the string found in $payload
# that matches something in data-group restricted_dg
           log local0. "Rejecting restricted content $restricted_text :$value"
           reject
    }
}