What's the purpose of the catch block in an ASM_REQUEST_BLOCKING scenario

Question

We're returning custom ASM-error pages by using an irule whose initial structure follows the principle of the article ASM_REQUEST_BLOCKING.&nbsp;
Some month ago i decided to remove the last block 'when HTTP_RESPONSE_RELEASE'. Today i temporarily re-added it and was quite surprised about the log entries. Although the irule works as expected, the content of the catch block is getting executed. &nbsp;
How do i identify the typ of the exception thrown by the irule? And what action should it take in this case, since everything works fine?&nbsp;

kevin_stewart · Answer

You can use the more complete form of catch to return the resulting error:
if { [catch {
        do only if  previous was event ASM_REQUEST_BLOCKING
        if { $activeViolation } {
            modify respose header
            HTTP::header remove Content-Length
            HTTP::header insert header_1 value_1
        }
    } err] } {
    log local0. "Error is ${err}"
}

Ref: http://www.tcl.tk/man/tcl8.5/TclCmd/catch.htm

Forum Discussion

What's the purpose of the catch block in an ASM_REQUEST_BLOCKING scenario

1 Reply

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

AST Configuration Assistance

Floating IP responds from wrong VLAN/trunk

expandsSubcollections and filtering in F5 SDK

F5 i-series Guests to r-series tenants migration

Building new F5 replica

Related Content

Using Distributed Cloud DNS Load Balancer with Geo-Proximity and failover scenarios

Purpose of the f5_api_com certificate?

How to Check logs on F5 for troubleshooting purpose.

Especial Load Balancing Active-Passive Scenario (I)

Especial Load Balancing Active-Passive Scenario (II)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS