Forum Discussion
neeeewbie
MVP
MVPBlock destination IP by source IP
Hi guys I need your help!! we want to bypass some destination IP by source IP [our site using ssl fwd proxy] and is it possible ? someone have a iRule?? thank you
Hi,
Can you try this?
when HTTP_REQUEST_SEND { # log local0. "Client IP = [IP::client_addr]" # log local0. "Server IP = [IP::server_addr]" switch -glob [IP::client_addr] { "1.2.3.4" - "10.12.*" { switch -glob [IP::server_addr] { "10.11.12.13" - "172.16.1.10" - "192.168.5.*" { reject } } } "172.16.11*" { switch -glob [IP::server_addr] { "10.100.*" - "192.168.100.*" { reject } } } "5.6.7.8" { reject } } }
Hi,
Can you try this?
when HTTP_REQUEST_SEND {
# log local0. "Client IP = [IP::client_addr]"
# log local0. "Server IP = [IP::server_addr]"
switch -glob [IP::client_addr] {
"1.2.3.4" -
"10.12.*" {
switch -glob [IP::server_addr] {
"10.11.12.13" -
"172.16.1.10" -
"192.168.5.*" { reject }
}
}
"172.16.11*" {
switch -glob [IP::server_addr] {
"10.100.*" -
"192.168.100.*" { reject }
}
}
"5.6.7.8" { reject }
}
}