For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

jondyke_46152's avatar
jondyke_46152
Icon for Nimbostratus rankNimbostratus
Jun 26, 2008

Access Control Based On IP for specific URL

I am pretty new to irules so any help here would be appeciated. The irule below is the deafult irule for Access control based on IP from the codeshare area. Is it possible to alter this so that it c...
application delivery
dev
devops
iRules
Andy_Herrman_22's avatar
Andy_Herrman_22
Icon for Nimbostratus rankNimbostratus
Jun 30, 2008
Can you try using this iRule and do a couple tests, then post the log messages you get? I added some logging and put the 'forward' command in, just in case I was wrong and it is needed. 

  
  when HTTP_REQUEST {    
    
    if { ( [matchclass [HTTP::uri] starts_with $::securePaths] ) and  
         ! ( [matchclass [IP::client_addr] equals $::trustedAddresses] ) }  
    {  
      log local0. "Untrusted IP ([IP::client_addr]) attempting to access secure path ([HTTP::uri])"  
      discard  
    } else {  
      log local0. "Allowing connection from [IP::client_addr] to [HTTP::uri]"  
      forward  
    }  
  }