Skip to content
This repository has been archived by the owner. It is now read-only.
master
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 
 
 
 
 

README.md

F5 Networks AFM/APM Dynamic Firewall Rules

iRules LX code to dynamically update an AFM address list based upon APM sessions. The code will add a user's IP address to an AFM address list once an APM access policy is completed and will remove the IP address when the access session is closed. Requires TMOS version 12.1 and APM/AFM licensing.

IMAGE ALT TEXT HERE

Installation

You'll need to create a iRules LX workspace and plugin - details can be found in the DevCentral [Getting Started with iRules LX series] (https://devcentral.f5.com/articles/sid/6964)

Note: If you want to keep things simple then using the following naming convention:

  • Workspace: dynamic_address_list_workspace
  • Plugin: dynamic_address_list_plugin
  • Extension: dynamic_address_list

Once the workspace is created you'll need to make the following code changes:

  1. Update the iRule ILX::init with the name of your plugin and your extension (if you didn't follow the naming convention)

    set ilx_handle [ILX::init "plugin_name" "extension_name"]

  2. Copy the contents of index.js into your workspace

  3. Add two extension files and copy the contents of those files into your workspace

  4. f5_afm.js

  5. f5_api.js

  6. SSH into your BIG-IP and nstall the node modules

cd /var/ilx/workspaces/Common/dynamic_address_list_workspace/extensions/dynamic_address_list/ npm install node-rest-client winston --save

5. Add the iRule to you APM Virtual Server

About

iRules LX to dynamically update an AFM address list based upon APM sessions

Resources

Releases

No releases published

Packages

No packages published
You can’t perform that action at this time.