Forum Discussion

Vijay_Jain's avatar
Vijay_Jain
Icon for Altostratus rankAltostratus
Jun 11, 2019

ICAP with iRule Response Page without ASM

Hello,

 

We are running on Big IP 13.1.1.4 TMOS code and set up Content Adaptation for HTTP request to check files uploaded through one our Website using ICAP. It's working fine but in case any virus is detected the ICAP server modify the response and show it's own response.

 

But we would like to redirect the end-user to a dedicated and corporate web page of our website. I prepared the below Irule but it's now working.

 

when ADAPT_REQUEST_RESULT

{

  if { ([ADAPT::result] contains "respond") } {

  log local0. "ICAP Response is [ADAPT::result], let's customized reject page"

     set response {

   <html>

    <head>

     <title>Virus Detected</title>

     <meta http-equiv="refresh" content="0;URL='https://int-www-01.citizensfla.com/virus-test'" />

    </head>

   </html>

     }

     HTTP::header remove Content-Length

     #HTTP::payload replace 0 [HTTP::payload length] ""

     HTTP::payload replace 0 0 $response 

  }

}

 

How we could redirect the POST of the user to a dedicated page within our website if a virus is found using ICAP internal VS.

 

Many thanks in advance for any help on this matter.

 

Regards

Vijay

  • Try this:

    when ADAPT_REQUEST_RESULT {
        log local0. "ADAPT_REQUEST_RESULT: [ADAPT::result]"
        if { ([ADAPT::result] contains "respond") } {
            log local0. "ICAP Response is [ADAPT::result], let's customized reject page"
            set response {
    <html>
      <head>
        <title>Virus Detected</title>
        <meta http-equiv="refresh" content="0;URL='https://int-www-01.citizensfla.com/virus-test'" />
      </head>
    </html>
            }
            HTTP::respond 200 content $response
        }
    }
    • Vijay_Jain's avatar
      Vijay_Jain
      Icon for Altostratus rankAltostratus

      Thanks Niels for your response. I tried this Irule but got the Connection timeout error. I created below Irule and it's working as expected-

       

      when HTTP_REQUEST {

      set VirusDetected 0

      log local0. "AOB-TEST iRule initiated and VirusDetected variable to 0"

      }

      when ADAPT_REQUEST_RESULT {

             if { ([ADAPT::result request] contains "respond") } {

                 set VirusDetected 1

                 log local0. "ICAP: Check ADAPT VAR: == $VirusDetected => Virus Found"

                 }

              else {

                 set ADAPTvar 0

                 log local0. "ICAP: Check ADAPT VAR: == $VirusDetected=> Virus NOT Found"

             }

       

         }

      when HTTP_RESPONSE_RELEASE {

      if { $VirusDetected == 1 } {

       HTTP::respond 301 Location "https://xxxxx.xxxx.com/virustest"

       log local0. "redirected to corporate network after Virus was Dectected"

         }

      }

       

      • Wasfi_Bounni's avatar
        Wasfi_Bounni
        Icon for Cirrocumulus rankCirrocumulus

        Of course this i-rule is on the https virtual server not the internal ICAP virtual server, right?