
Ignore Response Policy



Have an interesting challenge that we're trying to figure out how to address. We have a response policy that drops traffic when the URL contains certain text (i.e. /admin) and it works great. However, we need to allow an exception so that this response policy is not applied to certain IPs. We've tried all sorts of combinations in the expression editor (!client.src or !client.dst...) and none seem to work. We've also added a response policy on top of this drop rule with an action of NOOP containing the IPs to bypass but that doesn't work either. Any assistance is greatly appreciated.


Hmm...That did not work. Here is our response policy expression. We want to block access to those directories from IPs other than the ones specified.

 

HTTP.REQ.URL.SET_TEXT_MODE(IGNORECASE).CONTAINS("/admin") || HTTP.REQ.URL.SET_TEXT_MODE(IGNORECASE).CONTAINS("/test") || HTTP.REQ.URL.SET_TEXT_MODE(IGNORECASE).CONTAINS("/blog") ||  && (client.ip.src.eq(1.2.3.4).not || client.ip.dst.eq(3.4.5.6).not)


Unfortunately that did not work either, but I appreciate your continued assistance. When reviewing the syslog, when the traffic passes through as desired, I see Source, vserver, nat ip and destination; however, when the traffic is dropped, we only see source and destination. The traffic seems to be changed when it hits the responder policy despite having lines in the policy to ignore certain IPs.


Hi Trevor,

 

(HTTP.REQ.URL.PATH_AND_QUERY.SET_TEXT_MODE(IGNORECASE).CONTAINS("/admin") || HTTP.REQ.URL.PATH_AND_QUERY.SET_TEXT_MODE(IGNORECASE).CONTAINS("/test") || HTTP.REQ.URL.PATH_AND_QUERY.SET_TEXT_MODE(IGNORECASE).CONTAINS("/blog")) && (CLIENT.IP.SRC.EQ(1.2.3.4).NOT && CLIENT.IP.SRC.EQ(5.6.7.8).NOT)

 

This should do the trick I think here. You need to put your ORs between parentheses and combine them with the AND.
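
An added example, not written by anyone in this thread and not NetScaler syntax: a Python model of how the exception group of such a drop rule evaluates. It shows that negated source checks joined with || are true for every client, so exempt IPs are still dropped, while joining them with && exempts them. The function names and the 203.0.113.9 test client are assumptions for illustration; the paths and the two exempt addresses are the placeholders used in the thread.

```python
# Added example: models the boolean logic of the drop rule, not the appliance itself.
from ipaddress import ip_address

BLOCKED_PATHS = ("/admin", "/test", "/blog")  # substrings from the thread
EXEMPT_SOURCES = (ip_address("1.2.3.4"), ip_address("5.6.7.8"))  # placeholder IPs from the thread


def path_matches(url: str) -> bool:
    """Case-insensitive CONTAINS checks joined with ||, inside one parenthesised group."""
    lowered = url.lower()
    return any(fragment in lowered for fragment in BLOCKED_PATHS)


def drop_with_or(url: str, src: str) -> bool:
    """(paths) && (src != A || src != B).

    A single client address cannot equal both A and B, so the second group
    is true for every client and the exception never takes effect.
    """
    client = ip_address(src)
    not_exempt = any(client != exempt for exempt in EXEMPT_SOURCES)
    return path_matches(url) and not_exempt


def drop_with_and(url: str, src: str) -> bool:
    """(paths) && (src != A && src != B), equivalent to NOT (src == A || src == B)."""
    client = ip_address(src)
    not_exempt = all(client != exempt for exempt in EXEMPT_SOURCES)
    return path_matches(url) and not_exempt


def decision_table():
    """Constructed sample requests: (url, source, dropped with ||, dropped with &&)."""
    cases = [
        ("/Admin/login", "1.2.3.4"),      # exempt client, blocked path
        ("/admin", "5.6.7.8"),            # exempt client, blocked path
        ("/blog/post", "203.0.113.9"),    # ordinary client, blocked path
        ("/index.html", "203.0.113.9"),   # ordinary client, allowed path
    ]
    return [(u, s, drop_with_or(u, s), drop_with_and(u, s)) for u, s in cases]


if __name__ == "__main__":
    for url, src, with_or, with_and in decision_table():
        print(f"{src:<12} {url:<14} ||-form drop={with_or!s:<5} &&-form drop={with_and}")
```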
