For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Mohammed_Moin_2's avatar
Mohammed_Moin_2
Icon for Nimbostratus rankNimbostratus
Sep 25, 2018

Allowing specific source to specific uri and deny rest all

Hi All, We need an irule that can allow only specific source IP’s to access specific URI and deny to others. For example Data Group Source IP: 10.1.1.1 [DG1] URI: https://www.testdev.com/services/use...
application delivery
LTM
Leonardo_Souza's avatar
Leonardo_Souza
Icon for Cirrocumulus rankCirrocumulus
Sep 25, 2018

Normally you do this based in the path, because is likely the application will have multiple pages:

when HTTP_REQUEST {
if [class match [IP::client_addr] equals "DG1"] {
    if { not ([HTTP::path] starts_with "/services/user1/"]) } {
        HTTP::redirect "https://www.testdev.com/services/user1/"
        return
    }
    drop
}

If you really want the URI:

when HTTP_REQUEST {
if [class match [IP::client_addr] equals "DG1"] {
    if { not ([HTTP::uri] starts_with "/services/user1.html"]) } {
        HTTP::redirect "https://www.testdev.com/services/user1.html"
        return
    }
    drop
}