04-May-2023 03:44
Hi,
According to https://clouddocs.f5.com/api/irules/table.html
table command is valid for all events except RULE_INIT
Valid Events:
ALL, except RULE_INIT
I'm trying to use table command in FLOW_INIT event but always get empty value, while at CLIENT_ACCEPTED event the table return non empty value.
when FLOW_INIT {
set srcip [IP::client_addr]
set test_ip [table lookup -subtable "blacklist" $srcip]
log local0. "$srcip , table value: $test_ip"
}
log is "192.0.0.1 , table value: "
while same code in CLIENT_ACCEPTED event
when CLIENT_ACCEPTED{
set srcip [IP::client_addr]
set test_ip [table lookup -subtable "blacklist" $srcip]
log local0. "$srcip , table value: $test_ip"
}
log is "192.0.0.1 , table value: block"
Thanks
05-May-2023 07:11
Hi @Ben_Efrati, I checked the table source file documentation and there is nothing there that leaves out FLOW_INIT, however, I believe that's an oversight given the details on the FLOW_INIT event:
I confirmed in my own local test that I am seeing the same behavior as you. You could open a case to get official confirmation, but I'm pretty confident you'll need to perform your lookups in CLIENT_ACCEPTED or later.