Forum Discussion
Hi,
Why do you prefer an irule??
Cheers,
Kees
Abed_AL-R
Jun 02, 2020Cirrostratus
Not up to my choice
Its shared management environment and its a customer decision
I totally know that whenever there is a chance to solve a problem with a policy, it is the preferred way.
Anyhow, this irule solved the problem:
when CLIENT_ACCEPTED {
set allowed 0
if { [class match [IP::client_addr] equals bypass_asm_class] } {
set allowed 1
}
}
when HTTP_REQUEST {
if { $allowed } {
#log local0. "This client IP: [IP::client_addr] is allowed to bypass ASM"
ASM::disable
} else {
ASM::enable /partition/asmpolcy
}
}