Forum Discussion
CirrusBlock Specific URL from Specific Region
Hello ,
Im trying to block HTTPS request on specific URL from specific region and source IP address.
Is it possible to block specific URL from a source region?
Example we have 3 subdomains:- a)abc.xyz.com:should blocl all source IPs from region A b)efg.xyz.com should block all source IPs from region B
I have tried the below irule to block a specific IP address and applied it an an HTTPS VIP unfortunately its not working:-
when HTTP_REQUEST { if { ([string tolower [HTTP::uri]] contains "abc") and ( [IP::addr "x.x.x.x" equals [IP::client_addr]] ) } { drop } else { return } }
Hope someone could help.
Thank you in advance.
habib_KhanNimbostratus
Hi,
If your aware of what ip range or subnet you want to block you can use below irule. If geolocation wise you need to block, you need to have your LTM able to connect to Internet.
when HTTP_REQUEST {
if {[IP::addr [IP::client_addr] equals x.x.x.x/x]}{ drop } } If you want to drop IP and sepcific uri. You can use below irule.when HTTP_REQUEST {
if {[IP::addr [IP::client_addr] equals x.x.x.x/x]}{ if {([string tolower [HTTP::uri]] contains "/xyz") || ([string tolower [HTTP::uri]] contains "/abc")|| ([string tolower [HTTP::uri]] contains "/def")}{ drop } } }
F5_324021Hello ,
I have got the below irule wokring fine, however i need to restrict based on country code or region is it possible , preferred to have country datagroup.?
- habib_Khan
You can check this technical article link text. This has details for blocking using geolocation.
 
- F5_324021
Hello,
i have used the below irule however it didnt worked:-
when HTTP_REQUEST {
if { ([HTTP::uri] contains "X") and ( [IP::addr "x.x.x.x" equals [IP::client_addr]] ) and ([string tolower [whereis [IP::remote_addr] country]] contains "Asia" ])} { drop } }
- Vijay_E
Your syntax for IP address match is wrong. It should be:
[IP::addr [IP::client_addr] equals x.x.x.x/x]