Forum Discussion
Block outbound connections via DNS rather than server_connected
Take a look at the LB_SELECTED event. This event is called before the SERVER_CONNECTED event.
https://clouddocs.f5.com/api/irules/LB_SELECTED.html
It should be possible to put the evaluation into this event, so the connection can be rejected upfront.
- jlb4350 | Oct 23, 2023 | Cirrus
Interesting. Thank you for that suggestion. So just replace SERVER_CONNECTED with LB_SELECTED in the iRule? Could you elaborate some on what LB_SELECTED does? The page is quite vague about how it works...
Thanks again for your help.
- Oct 23, 2023
In the LB_SELECTED event you can get information about which pool member is selected and take some action on it. In this event you can evaluate the results of LB::server. You can use this to replace IP::server_addr in your current iRule. See the first iRule example in the article below.
https://clouddocs.f5.com/api/irules/LB__server.html
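
An added example, not part of the thread and not the poster's iRule, of the approach described in the reply above: the destination is evaluated with LB::server in LB_SELECTED and the connection is rejected before any server-side connection is opened. The data group name `blocked_destinations_dg` is hypothetical, and the example assumes a virtual server on which LB_SELECTED fires.

```tcl
# Added example. Assumption: blocked_destinations_dg is an address-type
# data group (hypothetical name) listing destinations to refuse.
when LB_SELECTED {
    # LB::server addr is the address chosen by the load-balancing decision.
    # In SERVER_CONNECTED the same check would use IP::server_addr, but by
    # then the server-side connection has already been established.
    set dst [LB::server addr]

    # Nothing selected: leave the connection to default handling.
    if { $dst eq "" } {
        return
    }

    if { [class match $dst equals blocked_destinations_dg] } {
        # Record who was refused and where they were headed, so the
        # block is visible in /var/log/ltm for later review.
        log local0.notice "Rejected [IP::client_addr] -> $dst:[LB::server port] in LB_SELECTED"
        # reject resets the client side; no connection to $dst is attempted.
        reject
        return
    }
}
```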
- jlb4350 | Oct 23, 2023 | Cirrus
I guess I didn't specify, but my F5 is acting as a firewall. I didn't set it up this way, but it is performing the traffic filtering, not a firewall. Would LB_SELECTED still apply in this case? I just want to drop the traffic before connecting to the remote server rather than after it connects. Would I use HTTP_REQUEST rather than SERVER_CONNECTED? If I should still use LB_SELECTED, would you mind editing my rule to show an example?
Sorry for all the questions, I'm still trying to get my head wrapped around how iRules work, especially with the way the system is configured. I really appreciate your time.