CodeShare
Have some code. Share some code.
1283 PostsActivity in CrowdSRC
Use BIG-IP LTM Virtual Server & iRule for an internal "What's My IP" website
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’.Short DescriptionThis article describes how to use an F5 BIG-IP LTM iRule attached to a virtual server as an internal "What's My IP" website.Various online inf...
Bash script to check if you have a SIP profile attached to a Virtual Server (CVE-2023-22842)
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description Generate a CSV report to know which virtual servers have a SIP profile attached. Problem solved by this Code Snippet This is to shorten the...
iRule for AFM IP Intelligence security policy to work with HTTP XFF (X-Forwarded-For) headers
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description As mentioned in article https://my.f5.com/manage/s/article/K73304774 (K73304774: AFM + IP Intelligence does not block requests using X-For...
Ansible module to update BIG-IP root/admin passwords
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description Have a large environment with password rotation requirements? Tired of trying a long list of old passwords to get into an old box? If you ...
Simple Sideband - iRule sideband the easy way
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description Simple Sideband is a helper iRule which makes getting started with doing iRule based sideband fast and simple. Problem solved by this Code ...
F5 ICAP over SSL/TLS (Secure ICAP) with F5 ASM/AWAF Antivirus Protection feature
As mentioned in article https://my.f5.com/manage/s/article/K17964220 (K17964220: Is it possible to activate antivirus checking using ICAP over SSL?) for ICAP over SSL/TLS the F5 LTM option with Adapt Request/Response profiles needs to be used but t...
Logging of DNS Requests and Responses without a DNS license
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description This iRules logs DNS requests and responses in detail. It can parse all the headers, metadata and payloads and works for udp and tcp protoco...
Integration of Azure Sentinel and F5 BIG-IP using TS and AS3
This user guide is all about the configuration and deployment of Telemetry Streaming and Application Service 3 (AS3) on F5 BIG-IP to fetch logs on Azure Sentinel as its consumer. This guide is heavily based on the work performed by Greg_Coward and on...
Get Started with F5 NGINX Plus, Ingress, App Protect and Management Suite
These free trials available for F5 NGINX Products will get you started on whats available and help you get certified.Try NGINX Plus & NGINX App ProtectTry NGINX Ingress Controller with NGINX App Protect Try NGINX Management Suite - NGINX
custom response page for api
Here is a custom response specific to aWaf adapted for the API and status code (406), ex for Maximum Length : when ASM_REQUEST_BLOCKING { set violationDetails [ASM::violation details] set supportID [ASM::support_id] if { [regexp {json_er...
Insufficient permissions BIG-IQ login error
Note from Leslie - this was published by @Emon_423837 and should be attributed to them NOT to me. My apologies for getting something irrevocably wrong on the backend with the attribution. Everything after this sentence is Emon's work, not mine.Hi, b...
Collect all partition pool member stats with tmsh
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description This solution resulted from a question on how to get all the stats from pool members of all partitions in one iControl REST method call. I c...
iRule to take cookie from HTTP Response into HTTP Request via table
Sanitized version of an iRule. It’s main function is to take a cookie from a HTTP Response; put the value into a table and then insert into a HTTP request.The switch statement section has been stripped right back. So please re-construct to your own n...
Virtual Server graphical App for F5 LTM
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description In this article, I will explore how to create a graphical representation of a virtual server using Python Flask, Pyvis libraries, and the IC...
Generating irule logs, emails and reports for Shadow API Endpoints on the F5 BIG-IP AWAF/ASM device
Nowadays the F5 XC Distributed Cloud is all the rage for shadow API discovery and schema learning as seen in https://docs.cloud.f5.com/docs/how-to/app-security/apiep-discovery-control and for a good reason! The F5 BIG-IP does not have this option ...
Hey ChatGPT, can you write iRules?
iRules allow you to parse the payload of the data passing through the BIG-IP and, at wire speed, execute an entire script of commands on that traffic.They allow you to log and redirecting traffic, modify the URI or port or to rewrite the payload itse...
Solution for delayed BIG-IP page load of the Configuration utility
Problem Statement :Hints -Many people have encountered this issue while performing a configuration review/changes on F5, and our patience may have also been tested at times, but there is a solution to this problem.The page load of the Configuratio...
CSV to Address External Datagroup File
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description I was today years old when I found out you could upload external data-group files to the GUI. I couldn't figure out the format, however, un...
Restricting Access to Virtual from client IP address in X-Forwarder-For HTTP header
Description If you have a Proxy in front of the BIG-IP and all the client IP are source Natted, You can still restrict access to the Virtual if the client IP address is inserted by the proxy as HTTP Header X-Forwarder-For Environment iRuleLTM Ca...
Ansible - Running bash commands with bigip_command module - How it's done
Hello fellow F5ers,the description of the F5 Ansible-Module "bigip_command" states it would "[...]Run TMSH and BASH commands on F5 devices[...]"Scrolling through the documentation, you will only see tmsh commands. When you try to run a direct bash co...
Prism.js language definition for iRules
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description The provided iRule language definition can be used to highlight iRule code within websites using the Prism.js framework. Problem solved by t...
asmevents tool to retrieve events from an ASM device
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description asmevents is a python code to pull security events based on request status using REST APIs. Problem solved by this Code Snippet The system s...
Prevent BIG-IP Edge Client VPN Driver to roll back (or forward) during PPP/RAS errors
If you (like some of my customers) want to have the BIG-IP Edge Client packaged and distributed as a software package within your corporate infrastructure and therefore have switched off automatic component updates in your connectivity profiles, you ...
Building a lab using Proxmox
Whether you’re playing around with some new NGINX features, the latest F5 release or maybe just some generic servers or systems you always wanted to have a look at, having a lab environment is extremely useful. I’ve been running lab environments for...
GSLB Split DNS by iRule
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description An iRule based solution for GSLB with Split DNS (that is, one answer for internal users, one for external users). Problem solved by this...
Stable point of Configuration " Rescue Point "
Hello Everyone, Sometimes we need to save our configuration after big modifications to a stable point. I know that we can take a user configuraton set "UCS" to save our Configuration with the new modification , But what about defining a new object o...
Code comparison between deploying AS3 or FAST API Declarations with Ansible and Terraform
I found it interesting about the different ways to deploy AS3 declarations with Ansible and Terraform and I will provide some examples and a comparison at the end of the Article. My examples below are based on the links that are in the codeshare a...
iRule based 'Natural Speech' Expression Language
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description The major design goal of the 'Natural Speech' expression language is to enable humans to write complex search expressions without having to ...
Automate scp transfers using password
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Article K175: Transferring files to or from an F5 system discuss the secure transfer of files, whereas almost all the remote host machine will have password-b...
iRule to modify a content-security-policy header
Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’. Short Description This short iRule snippet can change specific directives in a content-security-policy header. The script is only roughly tested, but maybe we...
