To block specific users using Pattern-Set looking for usernames and then dropping based on the expression in the Responder Policy.

Instructions

This article holds good for users authenticated via the NetScaler.

Create a pattern set.
 
Configuration -->AppExpert --> Pattern Sets

Type the name of the pattern set and click on Insert

Type the username under Pattern and click insert. This will create a pattern set test_user with user1 as one of the usernames.

Now click on create to complete the pattern set.

Now you will see the pattern set which you created along with the rest of the pattern set. After this edit the pattern set test_user and add the rest of the usernames that needs to be dropped.

Click Insert and add the rest of the username under Pattern as you did previously.

Once you are done with the pattern set creation now we will configure the responder policy. For doing so go to AppExpert --> Responder --> Policies and click on Add and add the values as shown below and click on Create

Expression :

HTTP.REQ.USER.NAME.EQUALS_ANY("test_user")

Now we have created a responder policy to drop the usernames matching the ones under the pattern Set "test_user"

The last step would be to bind the responder policy to either a vServer or globally.

Notes:

• You require NetScaler software version 9.3 or later with administrative access to complete the preceding procedure. This procedure is not valid for NetScaler version 9.2 or earlier.