ltm rule command ACCESS restrict irule eventsΒΆ

iRule(1)					  BIG-IP TMSH Manual					     iRule(1)

ACCESS::restrict_irule_events
       Enable or disable HTTP and higher layer iRule events for the internal APM access control URIs.

SYNOPSIS
       ACCESS::restrict_irule_events (enable | disable)

DESCRIPTION
       During access policy execution, ACCESS creates requests to various URIs related to various access policy
       processing. These includes /my.policy and other pages (logon, message box etc.) shown to the end user. By
       default from 11.0.0 onward, HTTP and higher layer iRule events are not raised for the internal access control
       URIs. All events except ACCESS_SESSION_STARTED, ACCESS_SESSION_CLOSED, ACCESS_POLICY_AGENT_EVENT,
       ACCESS_POLICY_COMPLETED are blocked (not raised) for internal access control URI.  This command allows admin
       to overwrite the default behavior.  ACCESS::restrict_irule_events disable Disables the default behavior and
       enables admin to enable HTTP and higher layer iRule events for the internal access control URI. Admin can use
       this to handle these URIs in their iRules if needed. Please note that changing processing for these internal
       URIs can interfere with access policy.  Scope of this command is per flow. Once enabled for a flow, all
       subsequent internal access control URI requests will have events raised during processing

       ACCESS::restrict_irule_events [enable|disable]

	    * todo

	* Requires APM module

RETURN VALUE
VALID DURING
       CLIENT_ACCEPTED

EXAMPLES
	This iRule allows a customer to hide some error pages from the
	end-user. For e.g. Invalid SID error page is shown to user by
	redirecting user to /my.logout.php3?errorcode=19. In one case, user
	hits this error url if they were to bookmark /my.policy instead of the
	root, APM responds saying "you have an invalid session, click here to
	log in". Admin can change that just 302 user back to /. Redirect to "/"
	with invalid SID starts a new session.

	when CLIENT_ACCEPTED {
	    ACCESS::restrict_irule_events disable
	}

	when HTTP_REQUEST {
	  if { [HTTP::uri] ends_with "/my.logout.php3?errorcode=19" }{
	     HTTP::redirect "/"
	   }
	}

HINTS
SEE ALSO
CHANGE LOG
       @BIGIP-11.0.0 --First introduced the command.

BIG-IP						      2020-06-23					     iRule(1)