Forum Discussion
Log4j2
Aug 02, 2021Altocumulus
Best way to limit what URI/Path is available
I currently have an iRule that will forward traffic to a destination pool based on what was in the host value: when HTTP_REQUEST {
if { [string tolower [HTTP::host]] contains "example1.mydomain.c...
- Aug 03, 2021
This can be optimized using switch statement. Create string datagroup (example2_allowed_uri) for allowed uri. You can use default_pool to send traffic at the end or reject it if there is no match for the HOST.
when HTTP_REQUEST { switch -glob [string tolower [HTTP::host]] { "example1.mydomain.com" { pool /Common/App_Example_1.app/Pool_Example_1_pool } "example2.mydomain.com" { if { [class match [string tolower [HTTP::uri]] starts_with example2_allowed_uri ] } { pool /Common/App_Example_2.app/Pool_Example_2_pool } else { HTTP::respond 200 content "access denied" noserver Content-Type text/html Connection Close } } "example3.mydomain.com" { pool /Common/App_Example_3.app/Pool_Example_3_pool } default { pool default_pool } } }
spalande
Aug 03, 2021Nacreous
This can be optimized using switch statement. Create string datagroup (example2_allowed_uri) for allowed uri. You can use default_pool to send traffic at the end or reject it if there is no match for the HOST.
when HTTP_REQUEST {
switch -glob [string tolower [HTTP::host]] {
"example1.mydomain.com"
{
pool /Common/App_Example_1.app/Pool_Example_1_pool
}
"example2.mydomain.com"
{
if { [class match [string tolower [HTTP::uri]] starts_with example2_allowed_uri ] } {
pool /Common/App_Example_2.app/Pool_Example_2_pool
} else {
HTTP::respond 200 content "access denied" noserver Content-Type text/html Connection Close
}
}
"example3.mydomain.com"
{
pool /Common/App_Example_3.app/Pool_Example_3_pool
}
default {
pool default_pool
}
}
}
- Log4j2Aug 03, 2021Altocumulus
Thank you ! This worked perfectly, I never thought to use DataGroups
Thank you again, much appreciated!
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects