Forum Discussion

Nimbostratus

Feb 08, 2011

Tethering heuristics

Hi all, I am looking for information about heuristics that can be implemented using iRule to identify if a subscriber is tethering using a mobile device (iPhone, iPad, handset, BlackBerry, e...

Cirrostratus

Feb 08, 2011

Hi Pablo,

I think the first question is how can you identify the characteristics you're looking for using standard HTTP/HTML/scripting. Once you figure that out, you can try to implement it in an iRule.

Can you determine whether a user is tethering from the User-Agent header? If so, you could look for this by parsing [HTTP::header User-Agent]. Else, can you use Javascript to ask the client to provide this data? If so, you could send an HTTP response using HTTP::respond. Or you could inject the Javascript into response content by collecting and modifying the payload with HTTP::collect and HTTP::payload, respectively.

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Tethering heuristics

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

Could not communicate with the system. Try to reload page.

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

Heuristic for sysStatHttpRequests?

Signature-based Analysis -Heuristics/Anomaly-based Analysis

iHealth API to retrieve status of report generation based on Heuristic ID

Re: The Disadvantages of DSR (Direct Server Return)

Re: Encrypted malware vs. F5's full proxy architecture

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS