For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

jondyke_46152's avatar
jondyke_46152
Icon for Nimbostratus rankNimbostratus
Jun 26, 2008

Access Control Based On IP for specific URL

I am pretty new to irules so any help here would be appeciated. The irule below is the deafult irule for Access control based on IP from the codeshare area. Is it possible to alter this so that it c...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Jul 03, 2008
The forward command (Click here) will mean LTM doesn't use the pool or translate the destination IP address. It isn't appropriate if you want to use a pool. If you remove the forward command it should work fine: 

 
 when HTTP_REQUEST { 
    if {([matchclass [HTTP::uri] starts_with $::securePaths]) and not ([matchclass [IP::client_addr] equals $::trustedAddresses])}{ 
       log local0. "Untrusted IP ([IP::client_addr]) attempting to access secure path ([HTTP::uri])" 
       discard 
    } else { 
       log local0. "Allowing connection from [IP::client_addr] to [HTTP::uri]" 
    } 
 }

Aaron