Yesterday, NIST released information on a new network exploitable vulnerability in the GNU Bash shell as demonstrated by vectors involving parts of OpenSSH sshd, the mod_cgi, and mod_cgid modules in ...
Are you sure the 2nd iRule will scan the POST data? The doc on HTTP::request seems to suggest it does not scan POST data.
"Returns the raw HTTP request headers as a string. You can access the request payload (e.g. POST data) by triggering payload collection with the HTTP::collect command and then using HTTP::payload in the HTTP_REQUEST_DATA event."