Irule Check payload contains
Hi Everyone,
i have a request payload like this:
POST /webconsole/api/security/auth/login HTTP/1.1
Host:
Connection: keep-alive
Content-Length: 58
sec-ch-ua: "Chromium";v="122", "Not(A:Brand";v="24", "Google Chrome";v="122"
Accept: application/json, text/plain, */*
Content-Type: application/json
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (
OrganizationID:
sec-ch-ua-platform: "Windows"
Origin:
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer:
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Cookie:{"UserName":"test.org\\secadm01","Password":***************}
I want to create an irule to check with this URI: /webconsole/api/security/auth/login and client IP address is not X.X.X.X and the user login with user secadm will be blocked. other users with usernames not contain "secadm" would be ok. But this does not work. Please help advise
I write an irule as below:
when HTTP_REQUEST {
if { [HTTP::path] equals "/webconsole/api/security/auth/login"} {
if { [IP::addr [IP::client_addr] != 10.168.17.127] } {
if { [HTTP::payload] contains "secadm" } {
drop
}
}
}
}