Forum Discussion
I got the error below. Do you know what the issue is or what is missing?
01070151:3: Rule [/Common/iRULE-BLOCKED] error: /Common/iRULE-BLOCKED-:3: error: [parse error: PARSE syntax 139 {syntax error in expression " not ([HTTP::uri] equals DG2-ALLOWED-URIs]) ": variable references require preceding $}][{ not ([HTTP::uri] equals DG2-ALLOWED-URIs]) }]
when HTTP_REQUEST {
    if { [class match [IP::client_addr] equals DG1-BLOCKED-SUBNETS] } {
        if { not ([class match [HTTP::uri] equals DG2-ALLOWED-URIs]) } {
            drop
        }
    }
}
You were missing a [ class match
- ant77, Apr 07, 2020, Cirrostratus
Thanks! Appreciate your help...
Quick question: since the statement "drop" is there based on the condition in the data group needing to be met, will this drop traffic for all other traffic (regular traffic) outside of that condition (subnets and URIs) in the data group? I just don't want this to drop our regular traffic...
- Simon_Blakely, Apr 07, 2020, Employee
The drop will only impact traffic from the DG1-BLOCKED-SUBNETS that does not match the DG2-ALLOWED-URIs.
All other traffic that is not in the DG1-BLOCKED-SUBNETS will pass for all URIs.
- ant77, Apr 08, 2020, Cirrostratus
Thank you! Appreciate all your help.
- Simon_Blakely, Apr 08, 2020, Employee
No problem - if an answer is useful, please remember to flag it.
- ant77, Apr 10, 2020, Cirrostratus
One question here is for the URI in the data group: it seems that it stops when it matches, for example /APP1/ only. If I go to /APP1/ABC/123, it fails. Is there a way to match and allow anything beyond, like a wildcard? I tried this and it doesn't seem to work --> /APP1/*
The wildcard asterisk does not work for some reason...
- Simon_Blakely, Apr 12, 2020, Employee
Use class match starts_with:
if { not ([class match [HTTP::uri] starts_with DG2-ALLOWED-URIs]) }
Note: class match operates on a longest (or most specific) match first principle.
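
Added example (not part of the original thread, and not F5 code): a Python model of the rule's decision logic, for checking offline how data-group entries behave under equals versus starts_with. It assumes class match on a string data group is an exact or prefix string comparison; the subnets, the /status entry and the test requests are constructed sample values.

```python
import ipaddress

# Constructed sample data-group contents; only /APP1/ appears in the thread.
DG1_BLOCKED_SUBNETS = [ipaddress.ip_network(n)
                       for n in ("192.0.2.0/24", "198.51.100.128/25")]
DG2_ALLOWED_URIS = ["/APP1/", "/status"]

def class_match(item, operator, entries):
    """Assumed model of `class match` on a string data group."""
    if operator == "equals":
        return item in entries
    if operator == "starts_with":
        return any(item.startswith(entry) for entry in entries)
    raise ValueError(f"unsupported operator: {operator}")

def in_blocked_subnet(client_ip):
    """Assumed model of `class match [IP::client_addr] equals <address group>`."""
    addr = ipaddress.ip_address(client_ip)
    return any(addr in net for net in DG1_BLOCKED_SUBNETS)

def decide(client_ip, uri, operator):
    """Mirror the nested ifs: drop only when subnet is blocked AND URI not allowed."""
    if in_blocked_subnet(client_ip) and not class_match(uri, operator, DG2_ALLOWED_URIS):
        return "drop"
    return "pass"

# Constructed requests. HTTP::uri carries the query string as well as the path.
CASES = [
    ("203.0.113.9", "/anything"),        # client outside DG1: never dropped
    ("198.51.100.10", "/anything"),      # outside the /25: never dropped
    ("192.0.2.10", "/APP1/"),            # exact entry
    ("192.0.2.10", "/APP1/ABC/123"),     # deeper path from the thread
    ("192.0.2.10", "/APP1/?id=7"),       # same path plus a query string
    ("192.0.2.10", "/APP10/x"),          # trailing slash in the entry keeps this out
    ("192.0.2.10", "/status-internal"),  # "/status" has no delimiter, so prefix matches
    ("198.51.100.200", "/other"),        # blocked subnet, URI not listed
]

def run_cases(operator):
    return {case: decide(case[0], case[1], operator) for case in CASES}

if __name__ == "__main__":
    for op in ("equals", "starts_with"):
        print(op)
        for (ip, uri), verdict in run_cases(op).items():
            print(f"  {ip:15} {uri:18} {verdict}")
```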