Forum Discussion

darrenclegg_199's avatar
darrenclegg_199
Icon for Nimbostratus rankNimbostratus
Sep 09, 2011

Access restriction to certain URLs

I have a simple iRule to only allow certain URLs access(see below)

 

 

when HTTP_REQUEST

 

{ if { not ([string tolower [HTTP::host]] eq "www.domain.com") }{

 

drop

 

HTTP::respond 200 content \ "Wrong URL entered Access not allowed" "Content-Type" "text/html" } }

 

 

I want to allow other URLs within the same iRule e.g www.domain1.com, www.domain2.com.

 

 

Can anyone help?

8 Replies

  • The iRule that you have created is a literal compare, so the other domains should not be blocked by this iRule.

     

     

    Did you need to just allow them through or did you need to route them to different server pools? If you just want to allow them through then you can use the iRule like you have it. If you need to route each different [HTTP::host] then you will need to make a few additions (I would suggest using a switch statement).
  • Michael,

     

    This worked fine.

     

     

    when HTTP_REQUEST {

     

    if { [HTTP::uri] starts_with "/xyz" } {

     

    HTTP::redirect "http://[getfield [HTTP::host] ":" 1]/"

     

    }

     

    }

     

     

    However, How do I use this to point to a group of URIs.

     

    thanks,

     

  • You Can create a data group that contains all of the needed URIs then use the data group inside the IRule
  • e.g.

    [root@ve10:Active] config  b virtual bar list
    virtual bar {
       snat automap
       pool foo
       destination 172.28.19.79:80
       ip protocol 6
       rules myrule
       profiles {
          http {}
          tcp {}
       }
    }
    [root@ve10:Active] config  b rule myrule list
    rule myrule {
       when HTTP_REQUEST {
       if { [class match -- [string tolower [HTTP::uri]] starts_with redirect_class] } {
          HTTP::redirect "http://[getfield [HTTP::host] ":" 1]/"
       }
    }
    }
    [root@ve10:Active] config  b class redirect_class list
    class redirect_class {
       {
          "/123"
          "/abc"
          "/xyz"
       }
    }
    [root@ve10:Active] config  curl -I http://172.28.19.79/abc/something
    HTTP/1.0 302 Found
    Location: http://172.28.19.79/
    Server: BigIP
    Connection: Keep-Alive
    Content-Length: 0