Forum Discussion

hima_bindu_2211's avatar
hima_bindu_2211
Icon for Nimbostratus rankNimbostratus
Dec 31, 2015

Getting error as unknown event (ASM_REQUEST_DONE)] in creating new Irule

Iam trying to provide exception for a particular IP from a specific ASM signature , by adding an i rule

 

i got the below i rule format , when searching through devcentral site

 

when ASM_REQUEST_DONE {

 

if { ([IP::client_addr] == "CLIENTIP") && ( [ASM::violation details] contains "SIGNATURE-ID") }{ ASM::unblock log local0. }

 

}

 

but when iam trying to add the rule , it is throwing the error as unknown event (ASM_REQUEST_DONE)

 

My Loadbalancer is of version 10.2.4

 

Can anyone help me over this ,

 

1 Reply

  • ASM_REQUEST_DONE was introduced in 10.5; that's why 10.2.4 doesn't recognize it.

     

    You should probably use ASM_REQUEST_VIOLATION, which was introduced in 10.1.0 and is deprecated as of 11.5 (e.g., replaced by ASM_REQUEST_DONE). Obviously, if you're running an older version like 10.5, the deprecation doesn't matter; use the event appropriate to your version.

     

    ASM::unblock was introduced in 11.5, and also won't be available in 10.2.4. You may be able to do what you're trying to do with ASM::disable, which was introduced in 10.0.1, but be cautious as that looks a little farther reaching in its effect. I haven't played with that one.