Forum Discussion
Valentine_96813
Nov 15, 2011 Nimbostratus
Block Domain redirect
I have an instance where someone has created a derogatory subdomain in external DNS and is redirecting to one of our production VSs. Is there a way to log/block redirects from a specific subdomain i...
nitass_89166
Nov 16, 2011 Noctilucent
this is another example.
[root@ve1023:Active] config b virtual bar list
virtual bar {
   snat automap
   pool foo
   destination 172.28.65.152:http
   ip protocol tcp
   rules myrule
   profiles {
      http {}
      tcp {}
   }
}
[root@ve1023:Active] config b rule myrule list
rule myrule {
   when HTTP_REQUEST {
      if {[class match -- [string tolower [HTTP::host]] starts_with domain_blacklist]}{
         log local0. "[IP::client_addr]:[TCP::client_port]|[HTTP::host]|[HTTP::uri]"
         reject
      }
   }
}
[root@ve1023:Active] config b class domain_blacklist list
class domain_blacklist {
   {
      "anotherbaddomain"
      "somebaddomain"
   }
}
[root@ve1023:Active] config curl -I http://somebaddomain.abc.com/
curl: (52) Empty reply from server
[root@ve1023:Active] config
Nov 15 23:30:47 local/tmm info tmm[4766]: Rule myrule : 172.28.65.150:41065|somebaddomain.abc.com|/
[root@ve1023:Active] config curl -I http://anotherbaddomain.abc.com/
curl: (52) Empty reply from server
[root@ve1023:Active] config
Nov 15 23:30:53 local/tmm info tmm[4766]: Rule myrule : 172.28.65.150:41067|anotherbaddomain.abc.com|/
- Snl Mar 19, 2017 Cirrostratus
Hi Nitass,
Can the iRule example provided block based on source domain or destination?
I am looking for a similar iRule where I want to block specific source domains, using a data group list, towards the destination domain xyz.com, which is hosted on my F5.
Example: block the abc.com domain as source (initiating the request) from accessing the xyz.com domain.
BR/
snl
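
The rule in nitass's answer matches on HTTP::host, which is the name the client requested, not the site the client came from. The iRule below is an added example, not code from the thread: it keeps that Host check and also checks the Referer header against a second data group. The data group name referer_blacklist and its leading-dot entries (for example ".abc.com") are assumptions.

```tcl
# Added example, not from the thread. Assumes two string data groups:
#   domain_blacklist  - Host prefixes, as in the answer above
#   referer_blacklist - hypothetical; referring domains stored with a
#                       leading dot, e.g. ".abc.com"
when HTTP_REQUEST {
    # Destination side: the Host the client asked for.
    # Drop an optional ":port" and lowercase before matching.
    set host [string tolower [getfield [HTTP::host] ":" 1]]

    if { [class match -- $host starts_with domain_blacklist] } {
        log local0. "host-block|[IP::client_addr]:[TCP::client_port]|$host|[HTTP::uri]"
        reject
        return
    }

    # Source side: the page that linked or redirected the browser here.
    # Referer is optional and set by the client, so treat this as a
    # filter and logging aid, not as an access control.
    if { [HTTP::header exists "Referer"] } {
        set ref_host [string tolower [URI::host [HTTP::header value "Referer"]]]

        # Prefix the host with "." so that ".abc.com" matches abc.com and
        # www.abc.com but not notabc.com.
        if { $ref_host ne "" && [class match -- ".$ref_host" ends_with referer_blacklist] } {
            log local0. "referer-block|[IP::client_addr]:[TCP::client_port]|$ref_host|$host|[HTTP::uri]"
            reject
            return
        }
    }
}
```

A redirect done purely in DNS (a CNAME or A record pointing at the virtual server) sends no Referer, so only the Host check sees it; the Referer check covers links and HTTP redirects from pages on the listed domains.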