For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

winifred_corbet's avatar
winifred_corbet
Icon for Nimbostratus rankNimbostratus
Jun 24, 2010

Block traffic by IP address and Allow external access by domain name?

Currently we have an irule in place that allows traffic to specific URLs, by allowing the interal IP addresses only.     Now we need to allow very specifc external domains in (we cannot get an...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Jun 24, 2010
If I understand your scenario correctly, yes, you'd need to do a reverse lookup of the client IP to see what domain the IP is part of. There isn't anything within an HTTP request that you can rely on to get the DNS domain of a client. You could add that DNS check to the existing rule.

 

 

I could see the DNS call adding latency to the connections through LTM.

 

 

Aaron