For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Karthik_Kumaran's avatar
Karthik_Kumaran
Icon for Nimbostratus rankNimbostratus
Jul 01, 2014

Wildcard string in datagroup ???

I am trying to find how to use a wildcard in a data-group of type string. I am using the following irule to reject connections from any other client other than my specific client,

 

when HTTP_REQUEST { log local0. "[IP::client_addr]:[TCP::client_port]: User-Agent: [HTTP::header "User-Agent"] requested [HTTP::host][HTTP::uri]" if { ![class match [HTTP::header "User-Agent"] contains test]} { log local0. "[IP::client_addr]:[TCP::client_port]: User-Agent:[HTTP::header "User-Agent"] Rejected request" reject } }

 

The data-group reference in the irule - test - has the value -> OC/15.0.4623.1000 (Microsoft Lync), which is the exact User-agent http-header of my client. But i would like to use a wildcard for the version number in the User-agent so that if the client version changes later i dont have to update the data-group again to add the new User-agent again. I want to use something like "OC/(Microsoft Lync)". But i tried adding "OC/(Microsoft Lync)" in the data-group. But my requests get rejected as i think i am not using the wildcard in the right manner. How to use wildcard in string data-group in this scenario?

 

application delivery
deployment
devops
iRules
LTM
microsoft

7 Replies

  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Jul 01, 2014

    I want to use something like "OC/(Microsoft Lync)". But i tried adding "OC/(Microsoft Lync)" in the data-group.

    can you try this?

      if { !( [class match [HTTP::header "User-Agent"] contains test] ) } {
    • nitass's avatar
      nitass
      Icon for Employee rankEmployee
      Jul 01, 2014
      it seems your wildcard is removed when posting. yes, class match/data group does not support wildcard.
  • Karthik_Kumaran's avatar
    Karthik_Kumaran
    Icon for Nimbostratus rankNimbostratus
    Jul 01, 2014

    So this is the user-agent - OC/15.0.4623.1000 (Microsoft Lync), and i want to wild card the version number (15.0.4623.1000) in the data-group so that i dont have to update the data-group everytime when the version of the client changes

     

  • Kevin_Stewart's avatar
    Kevin_Stewart
    Icon for Employee rankEmployee
    Jul 01, 2014

    Data groups don't support wildcards or variable expansion, so you're best bet is to make the data group entries an unspecific as possible.

     

  • Arie's avatar
    Arie
    Icon for Altostratus rankAltostratus
    Jul 01, 2014

    Couldn't you just match "Microsoft Lync"? Otherwise you could use regex, but that would be expensive.

     

  • Colin_Walker_12's avatar
    Colin_Walker_12
    Historic F5 Account
    Jul 01, 2014

    If you want to match OC and Microsoft Lync but skip the version number, use two contains comparisons. Not ideal, but still faster than a regex.