03-Nov-2020 07:17
Hi, I have created an iRule to unblock requests with the illegal filetype violation triggered and specially for those URI started with a specific value and the path matches a specific expression, but it doesn't work, can anyone help me
when ASM_REQUEST_DONE {
if { ([HTTP::uri] starts_with "/abc/") &&
([HTTP::path] matches_regex {*.[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]})
&& ([ASM::violation count] >= 1)
&& [ASM::violation_data] contains "VIOLATION_OBJ_TYPE"} {
ASM::unblock
}}
03-Nov-2020
20:48
- last edited on
04-Jun-2023
21:12
by
JimmyPackets
Break the monolithic if statement down into nested if statements, and add logging so you can see the results of each step
when ASM_REQUEST_DONE {
if { ([HTTP::uri] starts_with "/abc/") } {
log local0. "URI [HTTP::uri] starts with /abc/"
if {([HTTP::path] matches_regex {*.[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]})} {
log local0. "PATH [HTTP::path] matches the regex"
if { ([ASM::violation count] >= 1) } {
log local0. "ASM violation count greater than 1 = [ASM::violation count]"
if {[ASM::violation_data] contains "VIOLATION_OBJ_TYPE"} {
log local0. "ASM violation data contains VIOLATION_OBJ_TYPE - unblocking"
ASM::unblock
}
}
}
}
}
04-Nov-2020 01:13
Thank you, i'll try it
08-Nov-2020 07:40
if this answered your question please flag it as such.