Forum Discussion
kunjan
May 09, 2015Nimbostratus
1) You can create a DG with string.
ltm data-group internal macDG {
records {
00:50:56:B3:7B:4E { }
}
type string
}
2) Create an ACCESS_POLICY_AGENT_EVENT iRule
when ACCESS_POLICY_AGENT_EVENT {
if { [ACCESS::policy agent_id] eq "chkmac" } {
set mac [ACCESS::session data get "session.machine_info.last.net_adapter.list.\[0\].mac_address" ]
if { [class match $mac equals macDG } {
ACCESS::session data set "session.logon.custom.chkmac" 1
} else {
ACCESS::session data set "session.logon.custom.chkmac" 0
}
}
3) Create VPE with iRule event with ID "chkmac"
4) Verify the session.logon.custom.chkmac in the VPE
apm policy policy-item /Common/ap_maccheck_act_empty {
caption chkmac
color 1
item-type action
rules {
{
caption "MacVerified"
expression "expr { [mcget {session.logon.custom.chkmac}] == 1 }"
next-item ....
}
{
caption fallback
next-item ...
}
}
}