For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

sandiksk_35282's avatar
sandiksk_35282
Icon for Altostratus rankAltostratus
Mar 08, 2018

allow traffic to VS based on the source IP fwded in the http get request

I need to come up with a design to allow traffic to VS based on the source IP sent in the http get request. Based on the source IP i need to make a decision whether to allow it or drop it. Please hel...
application delivery
BIG-IP
iRules
Sabir_Alvi's avatar
Sabir_Alvi
Icon for Altocumulus rankAltocumulus
Mar 09, 2018

If you are looking for a whitelist iRule, then below iRule should work fine. You will need to create a datagroup, "Whitelist_IPs" in below example, with all the source IPs you want to allow access. So all http requests which match URL and source IP from whitelist will be allowed, others will get 403.

when HTTP_REQUEST {
    if { ([matchclass [string tolower [HTTP::host]] equals "www.sample1.com"]) and !([matchclass [IP::remote_addr] equals "Whitelist_IPs"]) } {
    HTTP::respond 403
    }
}