ltm rule command MQTT drop

iRule(1)					  BIG-IP TMSH Manual					     iRule(1)

MQTT::drop
       Drop the current MQTT message.

SYNOPSIS
       MQTT::drop

DESCRIPTION
       This command can be used to drop the current MQTT message. The MQTT message will not be forwarded to its
       destination.  This command is valid for all MQTT message types.

       Syntax

       MQTT::drop

RETURN VALUE
       None.

VALID DURING
       MQTT_CLIENT_INGRESS MQTT_SERVER_INGRESS MQTT_CLIENT_DATA MQTT_SERVER_DATA

EXAMPLES
	#Enrich MQTT username with SSL client-certificate common name, reject unauthorized accesses:
	when CLIENT_ACCEPTED {
	    set cn ""
	}

	when CLIENTSSL_CLIENTCERT {
	    set cn [ lindex [ split [lindex [ split [X509::subject [SSL::cert 0]] "," ] 0 ] "=" ] 1 ]
	    log local0. "Client Cert Common Name: $cn"
	}

	when MQTT_CLIENT_INGRESS {
	    if {[MQTT::type] == "CONNECT"} {
		if {$cn == ""} {
		    MQTT::drop
		    MQTT::respond type CONNACK return_code 5
		} else {
		    set user [MQTT::username]
		    MQTT::username "$cn:$user"
		}
	    }
	}

HINTS
SEE ALSO
CHANGE LOG
       @BIGIP-13.0.0 --First introduced the command.

BIG-IP						      2020-06-23					     iRule(1)