Forum Discussion
dennypayne
Feb 11, 2009Employee
Hmmm...so I'm guessing if you disallow the specific 10.x.x.x SNAT address then legitimate customers would also get denied.
I suppose you could use an iRule to SNAT clients from 169.147.x.x and 10.x.x.x to an allowed 10. address, and everyone else to a different address that was denied in .htaccess.
Something like this: (not syntax checked)
when CLIENT_ACCEPTED {
if { [IP::addr [IP::client_addr]/8 equals 10.0.0.0 ] || [IP::addr [IP::client_addr]/16 equals 169.147.0.0 ] } {
snat to allowed address
snat 10.x.x.A
} else {
snat to denied address
snat 10.x.x.B
}
}
Denny