Debugging a website irule help

Question

I'm trying to debug a problem with a website. what's the best way to add a whitelist to not log things I know about? Like { [class match [string tolower [HTTP::uri]] starts_with "whitelist" ] } {
don't log or no nothing. Here is my current rule:
when HTTP_REQUEST {
set hostvar [HTTP::host]
set urivar [HTTP::uri]
set ipvar [IP::client_addr] 
}
when HTTP_RESPONSE {
         if { ([HTTP::status] starts_with "4") || ([HTTP::status] starts_with "5")} {
                log local0. "$ipvar requested $hostvar $urivar and received a [HTTP::status] from [IP::server_addr]" }
}

Thanks for any help.

leonardo_souza · Answer

First, you need to understand what is the condition you will be testing, and also how many values you will have for testing.&nbsp;
If just a small number of options, like up to 5, I would go for a switch.
If a large number, I would go for a datagroup.&nbsp;
You could also reverse that, and just log when you find that condition.
That could be URL, client IP, etc...&nbsp;
This links have information about the commands you need for switch and datagroup, and also examples with iRules using that:&nbsp;
https://devcentral.f5.com/wiki/irules.switch.ashx&nbsp;
https://devcentral.f5.com/wiki/irules.class.ashx&nbsp;

Forum Discussion

Debugging a website irule help

1 Reply

Recent Discussions

Pricing when used with aws waf

F5 Rseries R2600 Tenant sizing

iRule help masking IBM host URL/URI

Need advise to setup a policy on F5

Advise on setting up IRULE

Related Content

Proxy Azure Websites

F5-fronted website duplicated by hackers and re-hosted

iRULE regsub error

Allow user agents to scrape my website

Proper way to do debugging in an iRule