For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

winifred_corbet's avatar
winifred_corbet
Icon for Nimbostratus rankNimbostratus
May 20, 2010

allow access to URL by specific IP range - all others rejected

For a specific URL I need to allow access to URL only to our internal IP range, all other IP addresses need to be rejected.     Something along these lines, but clearly this is not correct. Can...
application delivery
dev
devops
iRules
Michael_Yates's avatar
Michael_Yates
Icon for Nimbostratus rankNimbostratus
May 20, 2010
Sorry...I had to edit my first post and the format is never the same after an edit:

Go into your LTM under iRules -> Data Group List

Create -> Name it -> Type Address

Add the IP Addresses (or configure the Network Range) that you want to allow (Then replace the "PoolOfAllowedAddresses" with the name of the group you created). 


when HTTP_REQUEST {
if { [HTTP::host] equals "www.website.com" and ([matchclass [IP::remote_addr] equals $::PoolOfAllowedAddresses ]) } {
pool poolofallowedservers
}
else {
reject
}
}

This is designed to Accept anything in the Data Group and Reject everything else.