ltm rule command ACCESS restrict irule eventsΒΆ

iRule(1)		      BIG-IP TMSH Manual		      iRule(1)



ACCESS::restrict_irule_events
       Enable or disable HTTP and higher layer iRule events for the internal
       APM access control URIs.

SYNOPSIS
       ACCESS::restrict_irule_events (enable | disable)

DESCRIPTION
       During access policy execution, ACCESS creates requests to various URIs
       related to various access policy processing. These includes /my.policy
       and other pages (logon, message box etc.) shown to the end user. By
       default from 11.0.0 onward, HTTP and higher layer iRule events are not
       raised for the internal access control URIs. All events except
       ACCESS_SESSION_STARTED, ACCESS_SESSION_CLOSED,
       ACCESS_POLICY_AGENT_EVENT, ACCESS_POLICY_COMPLETED are blocked (not
       raised) for internal access control URI.  This command allows admin to
       overwrite the default behavior.	ACCESS::restrict_irule_events disable
       Disables the default behavior and enables admin to enable HTTP and
       higher layer iRule events for the internal access control URI. Admin
       can use this to handle these URIs in their iRules if needed. Please
       note that changing processing for these internal URIs can interfere
       with access policy.  Scope of this command is per flow. Once enabled
       for a flow, all subsequent internal access control URI requests will
       have events raised during processing

       ACCESS::restrict_irule_events [enable|disable]

	    * todo


	* Requires APM module

RETURN VALUE
VALID DURING
       CLIENT_ACCEPTED

EXAMPLES
	This iRule allows a customer to hide some error pages from the
	end-user. For e.g. Invalid SID error page is shown to user by
	redirecting user to /my.logout.php3?errorcode=19. In one case, user
	hits this error url if they were to bookmark /my.policy instead of the
	root, APM responds saying "you have an invalid session, click here to
	log in". Admin can change that just 302 user back to /. Redirect to "/"
	with invalid SID starts a new session.

	when CLIENT_ACCEPTED {
	    ACCESS::restrict_irule_events disable
	}

	when HTTP_REQUEST {
	  if { [HTTP::uri] ends_with "/my.logout.php3?errorcode=19" }{
	     HTTP::redirect "/"
	   }
	}

HINTS
SEE ALSO
CHANGE LOG
       @BIGIP-11.0.0 --First introduced the command.



BIG-IP				  2017-01-31			      iRule(1)