Forum Discussion

Bayan_El_Ameen1's avatar
Bayan_El_Ameen1
Icon for Nimbostratus rankNimbostratus
Oct 04, 2011

Redirection iRule on ASM Blocking

Hello,     I need an iRule to redirect to home page when the ASM blocks a request.     I know that this can be achieved by selecting a redirect url for the response page instead of using t...
application delivery
dev
devops
iRules
nitass's avatar
nitass
Icon for Employee rankEmployee
Oct 24, 2011
this is mine. 

[root@tulip:Active] config  b version|grep -iA 1 version
BIG-IP Version 10.2.0 1707.0
Final Edition

[root@tulip:Active] config  b virtual bar list
virtual bar {
   snat automap
   pool foo
   destination 172.28.17.66:http
   ip protocol tcp
   rules myrule
   httpclass asmclass
   profiles {
      http {}
      tcp {}
   }
}
[root@tulip:Active] config  b profile asmclass list
profile httpclass asmclass {
   defaults from httpclass
   asm enable
}
[root@tulip:Active] config  b rule myrule list
rule myrule {
   when ASM_REQUEST_BLOCKING {
        HTTP::redirect "http://www.google.com"
}
}

[root@tulip:Active] config  curl -i http://172.28.17.66
HTTP/1.0 302 Found
Location: http://www.google.com
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

[root@tulip:Active] config  cat /var/log/asm
Oct 24 20:48:15 local/tulip err dcc[11586]: 01310033:3: [SECEV] Request blocked, violations: Attack signature detected. HTTP protocol compliance sub violations: N/A. Evasion techniques sub violations: N/A. Web services security sub violations: N/A. Support id: 9922188796739190794, source ip: 172.28.17.60, xff ip: N/A, source port: 49258, destination ip: 172.28.17.66, destination port: 80, HTTP classifier: asmclass, scheme HTTP, geographic location: , request: