Block all traffic to a subdomain not containing a speficif heade

He guys,

I am trying to block all traffic to a subdomain not containing a certain header with a certain value. For some reason I can’t seem to this rule to work, it doesnt seem to matter whether rhe key is present or not or whats its value is.

( ne "DE" and all(http.request.headers["header_name"][*] ne "value") and contains "")

Also for some reason this rule applies to all my subdomains whether it is or
How can I fix this?

You probably want any(http.request.headers["header_name"][*] ne "value"). Also if you are based in Germany this rule will never apply.


You are completely right. The AND coupled with header completely bypassed if. That should be an OR.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.