Forum Discussion

kaoutar's avatar
kaoutar
Icon for Cirrus rankCirrus
Nov 03, 2020

unblock filetype for specific URL with matching expression

Hi, I have created an iRule to unblock requests with the illegal filetype violation triggered and specially for those URI started with a specific value and the path matches a specific expression, but it doesn't work, can anyone help me

when ASM_REQUEST_DONE {

if { ([HTTP::uri] starts_with "/abc/") &&

  ([HTTP::path] matches_regex {*.[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]}) 

&& ([ASM::violation count] >= 1) 

&& [ASM::violation_data] contains "VIOLATION_OBJ_TYPE"} { 

    ASM::unblock 

  }}

3 Replies

  • Break the monolithic if statement down into nested if statements, and add logging so you can see the results of each step

    when ASM_REQUEST_DONE {
      if { ([HTTP::uri] starts_with "/abc/") } {
        log local0. "URI [HTTP::uri] starts with /abc/"
        if {([HTTP::path] matches_regex {*.[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]})} { 
    	  log local0. "PATH [HTTP::path] matches the regex"
          if { ([ASM::violation count] >= 1) } {
    	     log local0. "ASM violation count greater than 1 = [ASM::violation count]"
             if {[ASM::violation_data] contains "VIOLATION_OBJ_TYPE"} {
               log local0. "ASM violation data contains VIOLATION_OBJ_TYPE - unblocking"		 
               ASM::unblock 
    		 }
    	  }
    	}
      }
    }