Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Log matched/detected pattern in switch statement.

Akshay_SK
Nimbostratus
Nimbostratus

‎16-May-2021 00:47

I have been trying to write a security iRule for my organization that provides a basic security. Here is my code snippet where I am matching the useragent value with the provided patterns.

 

switch -glob $useragent {

"*havij*" -

"*zmeu*" -

"*sqlmap*" {

 

            log local0. "Blocking this request due to detected user agent : "

 

reject

}

}

 

How do I print the detected pattern here? If I try to print the $useragent, I will be logging the entire useragent value instead of only the detected pattern. Any help would be greatly appreciated.

Labels:
0 Kudos
1 REPLY 1

Dario_Garrido
MVP
MVP

‎16-May-2021 12:40 - last edited on ‎04-Jun-2023 20:54 by Fog

Hello Akshay.

It's no possible to do it that way. You should differentiate each pattern.

switch -glob $useragent {
	"*havij*" {
		log local0. "Blocking this request due to detected user agent : *havij*"
		reject
	}
	"*zmeu*" {
		log local0. "Blocking this request due to detected user agent : *zmeu*"
		reject
	}
	"*sqlmap*" {
		log local0. "Blocking this request due to detected user agent : *sqlmap*"
		reject
	}
}

Regards,

Dario.

Regards,
Dario.
0 Kudos
Copyright © 2023 Khoros, LLC