Support with irule ASM ASM_REQUEST_VIOLATION

Hi guys,

 

 

I need the client request reaches the server but if the request has a security violation (Illegal parameter value length, parameter value does not comply with regular expression), filter the content-type but the request arrive to the server.

 

 

I configured any but I don´t see match the irule. The last irule is the follow:

 

 

when ASM_REQUEST_VIOLATION

 

{

 

ASM::payload replace 0 0 [ASM::payload length]

 

HTTP::header insert "ASM-SUPPORT-ID [lindex [ASM::violation_data] 1]"

 

HTTP::header sanitize "host"

 

log local0. "$log_prefix: Inserted header ASM-SUPPORT-ID: [lindex[ASM::violation_data] 1]"

 

HTTP::header replace "connection" "close"

 

HTTP::uri [HTTP::path]

 

 

}

 

 

I think with this irule, the irule add in the header the support ID ASM, right?. I don´t see this added header, in the capture packet (wireshark) is the same packets with or without irule ASM.

 

 

This irule is correct?

 

 

Thanks advance.