cancel
Showing results for 
Search instead for 
Did you mean: 

unblock filetype for specific URL with matching expression

kaoutar
Altocumulus
Altocumulus

Hi, I have created an iRule to unblock requests with the illegal filetype violation triggered and specially for those URI started with a specific value and the path matches a specific expression, but it doesn't work, can anyone help me

when ASM_REQUEST_DONE {

if { ([HTTP::uri] starts_with "/abc/") &&

  ([HTTP::path] matches_regex {*.[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]}) 

&& ([ASM::violation count] >= 1) 

&& [ASM::violation_data] contains "VIOLATION_OBJ_TYPE"} { 

    ASM::unblock 

  }}

3 REPLIES 3

Simon_Blakely
F5 Employee
F5 Employee

Break the monolithic if statement down into nested if statements, and add logging so you can see the results of each step

when ASM_REQUEST_DONE { if { ([HTTP::uri] starts_with "/abc/") } { log local0. "URI [HTTP::uri] starts with /abc/" if {([HTTP::path] matches_regex {*.[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]})} { log local0. "PATH [HTTP::path] matches the regex" if { ([ASM::violation count] >= 1) } { log local0. "ASM violation count greater than 1 = [ASM::violation count]" if {[ASM::violation_data] contains "VIOLATION_OBJ_TYPE"} { log local0. "ASM violation data contains VIOLATION_OBJ_TYPE - unblocking" ASM::unblock } } } } }

 

 

Thank you, i'll try it

if this answered your question please flag it as such.