TCL error--Blocking certain UA with iRule
Hi team,
I have a problem with using iRule which knew at following URL.
https://devcentral.f5.com/questions/block-https-access-from-specific-user-agentanswer118450
If the UA starts from"--" like "--user-agent=mozilla/5.0 (x11; linux x86_64) applewebkit/537.36 (khtml, like gecko) chrome/32.0.1700.77 safari/537.36", BIG-IP blocks the access showing "TCL error"
=> err tmm[14485]: 01220001:3: TCL error: /Common/ua_block - bad option "--user-agent=mozilla/5.0 (x11; linux x86_64) applewebkit/537.36 (khtml, like gecko) chrome/32.0.1700.77 safari/537.36": must be -exact, -glob, -regexp, or -- while executing "switch -glob [string tolower [HTTP::header "User-Agent"]] { "sqlmap" - "havij" - "nmap" - "nessus" - "..."
cf:) https://support.f5.com/kb/en-us/solutions/public/13000/900/sol13905.html
We are looking for avoiding this error. Do you have any idea of iRule's arrangement?
the original iRule is below.
when HTTP_REQUEST { switch -glob [string tolower [HTTP::header "User-Agent"]] { "sqlmap" - "havij" - "nmap" - "nessus" - "absinthe" - "nikto" - "w3af" - "pangolin" - "bsqlbf" - "prog.customcrawler" - "sql power injector" - "mysqloit" - "netsparker" { if { !([IP::addr [IP::client_addr] equals 192.168.143.100]) } { discard log local0. "[HTTP::header "User-Agent"] discarding." } } } }
I appreciate to your help.