Skip to content

Instantly share code, notes, and snippets.

@codygreen

codygreen/dynamic_address_list.tcl Secret

Last active June 15, 2016 05:09
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
iRules LX - AFM/APM Dynamic Firewall Rules
Raw
dynamic_address_list.tcl
#
# AFM/ASM dynamic address list iRulesLX RPC.
#
# add the address to the address list
when ACCESS_POLICY_COMPLETED {
set ilx_handle [ILX::init "dynamic_address_list_plugin" "dynamic_address_list"]
# set IP address
set ip_address [ACCESS::session data get session.user.clientip]
if {[info exists ip_address]} {
# create a random secret
if {[catch {set res [ILX::call $ilx_handle "addAddress" $ip_address]} result]} {
log local0.error "Client - [IP::client_addr], ILX failure: $result"
return
}
} else {
log local0.error "Can not add address list, client IP not defined"
return
}
}
# remove the address from the address list
when ACCESS_SESSION_CLOSED {
set ilx_handle [ILX::init "dynamic_address_list_plugin" "dynamic_address_list"]
# set IP address
set ip_address [ACCESS::session data get session.user.clientip]
if {[info exists ip_address]} {
# create a random secret
if {[catch {set res [ILX::call $ilx_handle "deleteAddress" $ip_address]} result]} {
log local0.error "Client - $ip_address, ILX failure: $result"
return
}
} else {
log local0.error "Can not delete address list, client IP not defined"
return
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment