Ok, so the following is the iRule that we have in the LTM now. We are seeing HTTP REQUEST REST DETECTED, but we are not see any REQUEST_BLOCKING messages in the logs. If someone could help in finding why this is not functioning complete, it would be greatly appreciated. We are running on 11.2.0 HF1.
when HTTP_REQUEST { if { [HTTP::uri] contains "rest" } { set rest_content 1 log local0. "HTTP REQUEST REST DETECTED" } else { set rest_content 0 } }
when ASM_REQUEST_BLOCKING { log local0. "ASM REQUEST BLOCK: REST DETECTED= $rest_content" if { $rest_content } {
set response "Page blocked"
ASM::payload replace 0 [ASM::payload length] ""
ASM::payload replace 0 0 $response
}
}