For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Yoli_154289's avatar
Yoli_154289
Icon for Nimbostratus rankNimbostratus
Mar 11, 2017

Update - remove/add values from "Data group list" via irule

Hi, Its possible to update "irule data group list" from irule ? and not from WEB or iControl  
application delivery
BIG-IP
iRules
oscarnet_69487's avatar
oscarnet_69487
Icon for Nimbostratus rankNimbostratus
Mar 27, 2017

HI

you can use table to do it. if you want block source ip you can use this irule.

 

code 
irule_A_Virtaulserver_A
ltm rule /Common/irule_A_Virtaulserver_A {
when RULE_INIT {
    set ::whichone 0
    set static::maxRate 20;
    set static::timeout 60;
    set static::maxquery 11;
    }
when HTTP_REQUEST {
    set getCount [table lookup -notouch -subtable requests [IP::client_addr]]
    set srcip [IP::remote_addr]
    if { [table lookup -subtable "Redirectolist" $srcip] != "" } {
        HTTP::redirect "http://www.abc.com"
        return
    }
    set curtime [clock second]
    set key "count:$srcip:$curtime"
    set count [table incr $key]
    table lifetime $key 2
    if { $count > $static::maxquery } {
        table add -subtable "Redirectolist" $srcip "blocked" indef $static::timeout
        table delete $key
        return
    } 
}
}
====================================================================================================================
irule_B_Virtaulserver_B
ltm ifile /Common/Block_page_html {
    file-name /Common/Block_page_html
}
ltm ifile /Common/logo_jpg {
    file-name /Common/logo_jpg
}
ltm ifile /Common/styles_css {
    file-name /Common/styles_css
}

ltm rule
ltm rule /Common/irule_B_Virtaulserver_B {
when RULE_INIT {
    set static::timeout 60;
    set static::maxquery 11;
    }
when HTTP_REQUEST {
    set srcip [IP::remote_addr]
    if { [table lookup -subtable "Redirectolist" $srcip] != "" } {
        switch [HTTP::uri] {
            "/Block_page/logo.png" { HTTP::respond 200 content [ifile get "logo_jpg"] }
            "/Block_page/styles.css" { HTTP::respond 200 content [ifile get "styles_css"] }
            default { HTTP::respond 200 content [ifile get "Block_page_html"] }
            }
    }
    set curtime [clock second]
    set key "count:$srcip:$curtime"
    set count [table incr $key]
    table lifetime $key 2
    if { $count > $static::maxquery } {
        table set -subtable "Redirectolist" $srcip "blocked" indef $static::timeout
        table delete $key
        drop
        return
    }
}
}

 

Yoli_154289's avatar
Yoli_154289
Icon for Nimbostratus rankNimbostratus
Mar 27, 2017

Where did you init this table ?

 

set getCount [table lookup -notouch -subtable requests [IP::client_addr]]

 

Also the table "Redirectolist" created in both VS's, so its not share between the two VS.

Thanks