Forum Discussion

ottleydamian's avatar
ottleydamian
Icon for Cirrus rankCirrus
Sep 03, 2019

Block request based on domains

In migrating from Microsoft TMG to F5 I noticed that the TMG allowed/blocked users based on domains and not IP addresses. This is specific for MS Exchange EWS service. I don't have a test F5 device. ...
application delivery
iRules
LTM
security
Enes_Afsin_Al's avatar
Enes_Afsin_Al
Icon for MVP rankMVP
Sep 03, 2019

Hi ottleydamian,

Line 2 is not valid. You can create a data-group and use it in iRule.

Data-group:

ltm data-group internal domain_list {
    records {
        abc.domain.com { }
        xyz.mydomain.com { }
        qwerty.mydomain.com { }
    }
    type string
}

iRule:

when HTTP_REQUEST {
	if { not ([class match [string tolower [HTTP::host]] equals domain_list]) } {
		log local0. "Rejected domain [HTTP::host]"
		reject
		
		# or
		# HTTP::respond 404 noserver content "<html>...</html>"
	}
}

The system applies iRules in the order in which it appears in list. You can use "priority" command.

REF: https://clouddocs.f5.com/api/irules/priority.html