allow rule vs deny

Question

I would like to add a new irule which permits all previous versions of Apple IOS from 6.145 and will deny anything release thereafter. This is our current rule&nbsp;
when HTTP_REQUEST {&nbsp;
 switch -glob [string tolower [HTTP::header User-Agent]] {&nbsp;
  "*1002.14[0-4]*" {&nbsp;
   if { [HTTP::uri] contains "Cmd=MeetingResponse" } {&nbsp;
    reject&nbsp;
    log local0. "Denied iOS 6.1 Device SNAT src=[IP::client_addr] src_port=[TCP::client_port], dst=[IP::local_addr] dst_port=[TCP::local_port], virtual=[virtual name]"&nbsp;
   }&nbsp;
  }&nbsp;
 }&nbsp;
}&nbsp;
Thank in advance.&nbsp;

what_lies_bene1 · Answer

Is your current rule not working?

kevin_davies_40 · Answer

If you are talking version numbers your probably better off converting and comparing numerically.
set num=*get field from user agent*
foreach {major minor sub} [split $num "."] break;

if { $major &lt; 7 } {
  if { $minor &lt; 1002 } {
     if { $sub &lt; 145 } {
         reject
         log local0. "reject reason"
     }
  }
}

If however the version number is numerically valid.. 
if {$version &lt; 1006.145} {
   reject
}

Forum Discussion

allow rule vs deny

2 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5 Rseries HA

Need advise to setup a policy on F5

F5 Rseries R2600 Tenant sizing

Can iRule mask the payload content on event logs of security

Related Content

F5 Distributed Cloud Origin Server Subset Rules

LTM Cipher rule

Logging all AFM Rules

.htaccess to Nginx rules

AFM Protocol Inspection rules for CVE-2022-3602 (aka SpookySSL)