ltm rule command MQTT drop

iRule(1)						BIG-IP TMSH Manual						  iRule(1)

MQTT::drop
       Drop the current MQTT message.

SYNOPSIS
       MQTT::drop

DESCRIPTION
       This command can be used to drop the current MQTT message. The MQTT message will not be forwarded to its destination.  This
       command is valid for all MQTT message types.

       Syntax

       MQTT::drop

RETURN VALUE
       None.

VALID DURING
       MQTT_CLIENT_INGRESS MQTT_SERVER_INGRESS MQTT_CLIENT_DATA MQTT_SERVER_DATA

EXAMPLES
	#Enrich MQTT username with SSL client-certificate common name, reject unauthorized accesses:
	when CLIENT_ACCEPTED {
	    set cn ""
	}

	when CLIENTSSL_CLIENTCERT {
	    set cn [ lindex [ split [lindex [ split [X509::subject [SSL::cert 0]] "," ] 0 ] "=" ] 1 ]
	    log local0. "Client Cert Common Name: $cn"
	}

	when MQTT_CLIENT_INGRESS {
	    if {[MQTT::type] == "CONNECT"} {
		if {$cn == ""} {
		    MQTT::drop
		    MQTT::respond type CONNACK return_code 5
		} else {
		    set user [MQTT::username]
		    MQTT::username "$cn:$user"
		}
	    }
	}

HINTS
SEE ALSO
CHANGE LOG
       @BIGIP-13.0.0 --First introduced the command.

BIG-IP							    2022-04-12							  iRule(1)