cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

iRule to allow HTTP Error code through ASM policy

Chris_Baiocchet
Nimbostratus
Nimbostratus

Hello,

 

I have an ASM policy applied to a virtual server. The ASM policy is configured to block HTTP 500 response codes.

I would like to write an irule that would allow HTTP 500 to be returned to clients that are in a pre-defined Data group list.

 

when HTTP_RESPONSE

{

if { [HTTP::status] eq "500" }

{

if { [class match [IP::client_addr] equals DATA_GROUP_LIST] }

{

commands to allow HTTP 500 response

}

 

I'm actually trying to figure out if this is even possible. or are response codes all-or-nothing when enforced via an ASM policy?

 

Any help would be greatly appreciated.

 

Thank you.

 

Chris

1 ACCEPTED SOLUTION

Ivan_Chernenkii
F5 Employee
F5 Employee

Hello Chris,

 

There is no way to unblock response, but I think you can disable ASM in this case via ASM::disable command.

 

Thanks, Ivan

View solution in original post

2 REPLIES 2

Ivan_Chernenkii
F5 Employee
F5 Employee

Hello Chris,

 

There is no way to unblock response, but I think you can disable ASM in this case via ASM::disable command.

 

Thanks, Ivan

Chris_Baiocchet
Nimbostratus
Nimbostratus

Thank you, Ivan. I thought this would be the case, but I appreciate you taking the time to confirm 😊