Vivek_Padale_16
Jul 26, 2014Nimbostratus
iRule for ASM
Is there any iRule for allowing SQL injection and XML tagging in ASM for a specific url
Here is an example unblocking login.php for the violation that you need to modify. please do use logging to find your correct violation name.
Requires 11.5.1.
when ASM_REQUEST_DONE { set x [ASM::violation_data] set uri [HTTP::uri]
log local0. "->Event-Tracer $uri [ASM::violation count] [IP::client_addr]:[TCP::remote_port] $x"
if { $uri equals "/login.php" && [ASM::violation count] < 2 } { log local0. "Violation: [ASM::violation attack_types]" if { [class match [ASM::violation attack_types] equals Disabled_Sig] } { ASM::unblock } } else { More than one violation, too dangerous to Unblock return } }