Forum Discussion

Nimbostratus

Feb 16, 2017

TCL error on an iRule used for ASM managment

We have an iRule that is used to conditionally unblock triggered attack signatures on ASM policies for specific requests. Largely, this iRule works great. For some applications, however, it present...

Cirrus

Mar 06, 2017

There is a known restriction, which F5 tracked internally as ID 429063, whereby iRule data objects like HTTP::method, HTTP::uri, etc. that are normally available in the clientside context -- and accessible in the ASM_REQUEST_DONE event handler -- are not accessible when there is a "100 Continue" response before the client sends the request body.

After the 100-continue, ASM will have released the original request headers, URI, etc. and can no longer access them by the time the remainder of the request has been received and analyzed.

Forum Discussion

TCL error on an iRule used for ASM managment

Recent Discussions

AST Configuration Assistance

Adding logging to APM per-request policy without SWG license

Single LTM with multiple GTM domains

License activation

Syslog server not visible in GUI

Related Content

Managing Model Context Protocol in iRules - Part 3

Managing Model Context Protocol in iRules - Part 1

Automating Certificate Management on F5 BIG-IP

Managing Model Context Protocol in iRules - Part 2

error code 503 redirect irule