Hello guys
I'm trying to replace this iRule with policy:
when CLIENT_ACCEPTED {
set allowed 0
if { [class match -- [whereis [IP::client_addr] country] equals country_list] or
[class m...
And then it appears in the GUI as expected (until you mess with it, then it is not recoverable there)
I was not able to create a draft and then publish in tmsh (likely an error on my part). Using the legacy keyword I was able to work around that, but be advised my example makes immediate changes to the published policy.
I have NOT confirmed that the not keyword in the condition will function properly in this policy. If it does (please test and let me know) then this is very likely a UI bug and not a problem with functionality.
Seems to be risky a little bit since you need to change in CLI because it is not even an option in v15.1 GUI. So I'm not sure if this will be an upgrade obstacle in the future if did it this way when we upgrade from 13 to 15.