Reset connection via iControl

Question

Hi!&nbsp;I have written an AI that does some analyzing and sometimes decides that an IP no longer should beallowed to access a specific resource.&nbsp;When this happens, the IP is added to a data-group-list and the resource has an iRule that checks ifthe IP is blocked via the CLIENT_ACCEPTED-event. &nbsp;Problem: The current connection is allowed to persist since the drop in only done when a new connectionis set up (due to using the CLIENT_ACCEPTED-event).&nbsp;I have been looking through the iControl API to see if I can drop a specific connection based on IP butI can't find anything about networking at all.. Any ideas how to solve this?&nbsp;Since the resource get a lot of request, it would not be very good to check the DGL on every incomming request.&nbsp;Product: BIG-IPVersion: 13.1.1Build: 0.0.4BIG-IP 4000S

dario_garrido · Answer

Hello Peo.&nbsp;You can drop connections when the first packet arrives the F5 (SYN). I share with you three methods in order of precedence:1) Packet Filtering -&gt; https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos-implementations-13-0-0/8.html2) FLOW_INIT event -&gt; https://clouddocs.f5.com/api/irules/FLOW_INIT.html3) AFM Module -&gt; https://support.f5.com/csp/article/K38201755&nbsp;KR,Dario.

Forum Discussion

Reset connection via iControl

Recent Discussions

ports are showing open on online scanning tool

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

Related Content

SPECIAL DevCentral Connects - on Basic iControl Security

BIGIP resets connecion

Connect to version 14 and above with Powershell iControl

DevCentral Connects hosts Capture the Flag!

Troubeshooting website connection

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS