ltm rule command ASM disableΒΆ

iRule(1)		      BIG-IP TMSH Manual		      iRule(1)



ASM::disable
       Disables plugin processing on the connection.

SYNOPSIS
       ASM::disable

DESCRIPTION
       Disables the ASM plugin processing for the current TCP connection.  ASM
       will remain disabled on the current TCP connection until it is closed
       or ASM::enable is called.

       Syntax

       ASM::disable

	    * Disables plugin processing for the duration of the TCP connection
	      or until ASM::enable is called.

	   Note: ASM::disable deprecates PLUGIN::disable ASM

RETURN VALUE
VALID DURING
       HTTP_CLASS_SELECTED(up to 11.3.0), HTTP_REQUEST (11.4.0+)

EXAMPLES
	# for 11.4.0+ the command should be used in HTTP_REQUEST event
	when HTTP_CLASS_SELECTED {
	  ASM::enable
	  # Disable ASM for HTTP paths ending in .jpg
	  if { [HTTP::path] ends_with ".jpg" } {
	    ASM::disable
	  }
	}

	# This example iRule disables ASM if the client IP address
	# is part of an address type datagroup named bypass_asm_class.
	# The bypass_asm_class datagroup must be created before this iRule is created.
	# To debug the iRule, uncomment the log lines.
	# The iRule is for ASM 10.0.1 or higher only
	when CLIENT_ACCEPTED {
	    #log local0. "[IP::client_addr]:[TCP::client_port]: New TCP connection to [virtual name] [IP::local_addr]:[TCP::local_port]"
	    # Check if client IP is in the bypass_asm_class
	    if {[matchclass [IP::client_addr] equals bypass_asm_class]}{
	      # Set a variable to track that we'll disable ASM
	      #   when a class with ASM enabled is matched
	      set disable_asm 1
	      #log local0. "[IP::client_addr]:[TCP::client_port]: Client matched bypass_asm_class datagroup."
	   } else {
	      set disable_asm 0
	      #log local0. "[IP::client_addr]:[TCP::client_port]: Client did not match bypass_asm_class datagroup."
	   }
	}
	when HTTP_CLASS_SELECTED {
	    # As ASM can only be enabled/disabled in HTTP_CLASS_SELECTED (HTTP_REQUEST starting from 11.4.0+ - sol14381),
	    # check the variable set in CLIENT_ACCEPTED.
	    # Also verify ASM is enabled on the matched class before trying to disable ASM
	    if {[HTTP::class asm]==1}{
	      #log local0. "[IP::client_addr]:[TCP::client_port]: [HTTP::class] has ASMenabled."

	      if {$disable_asm==1}{
		 #log local0. "[IP::client_addr]:[TCP::client_port]: Disabling ASM for this request."
		 ASM::disable
	      } else {
		 #log local0. "[IP::client_addr]:[TCP::client_port]: Not disabling ASM for this request."
		 ASM::enable
	      }
	   }
	}

HINTS
SEE ALSO
CHANGE LOG
       @BIGIP-10.0.1 --First introduced the command.



BIG-IP				  2017-01-31			      iRule(1)