ndel_119904
Mar 08, 2013Nimbostratus
iRule to bypass specific ASM blocking
Hey guys,
One of my servers is issuing a URL to an F5 virtual server, but ASM is blocking the request because it's seeing it as an "evasion technique." The URL does indeed have a '%' at the end of it, so I understand why it's being blocked.
Can an iRule bypass ASM Evasion Techniques if the request is coming from a specific IP?
I was looking at the iRule command 'ASM::violation_data,' but that doesn't look like it's intended to bypass attack methods, but rather only used to tell you if an attack method was triggered.
I know I can setup an iRule to disable ASM entirely if the request matches a particular source IP, and that'll be a last resort if there's no way to be granular about the request.
Thanks!