For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

jondyke_46152's avatar
jondyke_46152
Icon for Nimbostratus rankNimbostratus
Jun 26, 2008

Access Control Based On IP for specific URL

I am pretty new to irules so any help here would be appeciated. The irule below is the deafult irule for Access control based on IP from the codeshare area. Is it possible to alter this so that it c...
application delivery
dev
devops
iRules
Andy_Herrman_22's avatar
Andy_Herrman_22
Icon for Nimbostratus rankNimbostratus
Jun 30, 2008
I don't believe the 'forward' command is necessary. If you don't reject it then the F5 should process it normally.

 

 

It looks like you have the rule backwards. I think you're discarding when you want to allow, and allowing when you want to discard.

 

 

The IF statement will trigger if someone who is NOT authorized tries to access the secure path. In this case you want to reject them. The ELSE case will hit whenever the user is authorized OR they are trying to access a non-secure part of the site.

 

 

The iRule I suggested didn't have the ELSE part there, so the rule you have is doing the opposite of the one I wrote. Try switching back to the one I had and see if it works.