Forum Discussion
swo0sh_gt_13163
May 03, 2015Altostratus
Hey Folks,
I've managed to fix the iRule, following is the updated copy of the same.
when HTTP_REQUEST {
set FLAG_BLOCKED 0
set Disabl_ASM_FLAG 0
if {$GLOBAL_breakALL == 0}
{
if {[HTTP::uri] starts_with "/admin/content/"} {
if {[class match [IP::client_addr] equals AB_Web_Folder_IP]} {
log local0. "Access to admin is allowed"
ASM::disable
set Disabl_ASM_FLAG 1
} else {
log local0. "Someone trying to access /admin/content/ illegally from Source IP: [IP::client_addr] "
set FLAG_BLOCKED 1
set Disabl_ASM_FLAG 1
}
}
}
if {[llength [POLICY::names matched]] > 0} {
log local0. "inside class selection"
if {$Disabl_ASM_FLAG == 1}
{
if { [POLICY::controls asm] == 1 }
{
ASM::disable
log local0. "ASM is disabled now"
}
}
if {$FLAG_BLOCKED == 1}
{
reject
}
}
}
I hope this would help someone.
Cheers! Darshan