Nov 22, 2023

Script to edit ASM policy

Hi, I have an ASM policy and I want to be able to export it, modify it with a script and then import it back into the F5 machine. My goal is to be able to add a lot of URLs into the policy with the script.

My script is running well and it adds all the URLs in the right schema into the policy, but after importing it back into the machine and applying it on a virt the policy doesn't do anything (nothing is being blocked) even though it's in Blocking mode. I didn't get any errors while importing the policy but it just doesn't work (the URLs I added with the script are visible in the GUI, so it worked and saved my changes and is able to read them too).

After saving the Learning and blocking settings and changing the mode of the policy to Transparent and then back to Blocking it works, but after hitting Refresh in the site it suddenly stops blocking.

I can see the logs in the events but it only alarms me even though everything is in blocking mode.

I made sure to take the original XML encoding.
Can you help me out? Has anyone done something like this?

  • Hi Yonik

    Can you share the policy?

    Usually there are three places to look when something isn't being stopped:

    - is the policy in blocking

    - is the object in question in staging

    - does the policy block said feature in the settings

    As you say you can find an alert log, it suggests that the setting (illegal URL) is only set to alarm and not block.
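
The three checks listed in the reply above, run against an exported policy before re-import. This is an added example, not code from the thread. It assumes the JSON export layout (`enforcementMode`, `urls[].performStaging`, `blocking-settings.violations[]`) rather than the XML export the original poster edited, and the sample policy and its URL names are constructed.

```python
import json

# Constructed sample policy in the JSON export layout (assumed, not from the thread).
SAMPLE_POLICY = json.loads("""
{
  "policy": {
    "name": "example_policy",
    "enforcementMode": "blocking",
    "urls": [
      {"name": "/login", "protocol": "https", "performStaging": false},
      {"name": "/added-by-script", "protocol": "https", "performStaging": true}
    ],
    "blocking-settings": {
      "violations": [
        {"name": "VIOL_URL", "alarm": true, "learn": true, "block": false}
      ]
    }
  }
}
""")


def audit_policy(doc, violation="VIOL_URL"):
    """Return reasons why `violation` would be logged but not blocked."""
    policy = doc.get("policy", doc)
    findings = []
    # 1. Is the policy itself in blocking mode?
    mode = policy.get("enforcementMode")
    if mode != "blocking":
        findings.append(f"policy enforcementMode is {mode!r}, not 'blocking'")
    # 2. Is any URL object still in staging?
    for url in policy.get("urls", []):
        if url.get("performStaging", False):
            findings.append(f"URL {url.get('name')!r} is in staging")
    # 3. Does the blocking setting for this violation have Block enabled?
    violations = policy.get("blocking-settings", {}).get("violations", [])
    entry = next((v for v in violations if v.get("name") == violation), None)
    if entry is None:
        findings.append(f"{violation} has no explicit entry in blocking-settings")
    elif not entry.get("block", False):
        findings.append(f"{violation} block flag is off (alarm={entry.get('alarm')})")
    return findings


if __name__ == "__main__":
    for line in audit_policy(SAMPLE_POLICY):
        print(line)
```

A script that adds URL objects can run this on its output and refuse to import while the list is non-empty.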