Forum Discussion
You could probably disable APM for every GET request that contains a non-empty "ticket" parameter
when HTTP_REQUEST {
if { ([HTTP::method] eq "GET") and ([URI::query [HTTP::uri] ticket] ne "") } {
ACCESS::disable
}
}
- Frank0phMar 05, 2020Nimbostratus
Thanks for the responses.
Juraj your suggestion sounds like what I want.
Does that imply that the word "ticket" just needs to be included or that there must be some text after the word ticket?
having tested the site we found that If I were to enter the url up to the point of ticket with nothing after it would present a single FA logon page so any rule we put in to allow these links through would need to check for ticket =n with n being anytext.
Apologies if that's what your rule is saying already!
- JurajMar 05, 2020Cirrus
ne in the iRule stands for “not equal”, so the iRule above expect the parameter “ticket” in the URL to exists and not be empty, i.e. it must have some value. If you know the logic of that value, you could also validate it in your iRule to make sure someone is not bypassing your controls by simply adding a non-empty “ticket” parameter.
I have something similar on our F5, where the iRule lets all POST requests from Slack in to our internal JIRA system, as long as such POST requests contain a specific Slack token.
- Frank0phMar 10, 2020Nimbostratus
Thanks Juraj, this looked like the perfect solution but it doesn't seem to be getting through. I've tried to log all of the URI's that come through during the page loading process but can't seem to get the syntax right.
Do you know what I need to enter to get it to output all of the pages during the connection?
Alternatively is it possible to log the result from the irule?
- Frank0phApr 20, 2020Nimbostratus
when I use the Irule that you suggested the site does bypass the Access Policy as requested however the site doesn't load and comes back with failed to load resource for the sites pages (404 not found errors) just getting stuck on a loading page.
Is there anything in the passing of the Irule that would affect the site being able to load? Surely after it has passed it through it should be able to load as normal.
If the rule and access policy are disabled the site loads no problem with no such errors.