Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Log matched/detected pattern in switch statement.

Akshay_SK
Nimbostratus
Nimbostratus

‎16-May-2021 00:47

I have been trying to write a security iRule for my organization that provides a basic security. Here is my code snippet where I am matching the useragent value with the provided patterns.

 

switch -glob $useragent {

"*havij*" -

"*zmeu*" -

"*sqlmap*" {

 

            log local0. "Blocking this request due to detected user agent : "

 

reject

}

}

 

How do I print the detected pattern here? If I try to print the $useragent, I will be logging the entire useragent value instead of only the detected pattern. Any help would be greatly appreciated.

Labels:
0 Kudos
1 REPLY 1

Dario_Garrido
MVP
MVP

‎16-May-2021 12:40

Hello Akshay.

 

It's no possible to do it that way. You should differentiate each pattern.

switch -glob $useragent { "*havij*" { log local0. "Blocking this request due to detected user agent : *havij*" reject } "*zmeu*" { log local0. "Blocking this request due to detected user agent : *zmeu*" reject } "*sqlmap*" { log local0. "Blocking this request due to detected user agent : *sqlmap*" reject } }

Regards,

Dario.

Regards,
Dario.
0 Kudos
Copyright © 2023 Khoros, LLC