Forum Discussion
AltocumulusBlocking Traffic based on Geo Location
NacreousiRule looks fine with few modifcations to uri and closing braces. Also, please check with the requestor if it should be explicit URL "/job-request/" or wildcard (i.e anything after) "/job-request*".
If it's a wildcard, replace "eq" with "starts_with"
when HTTP_REQUEST {
if { ([string tolower [HTTP::uri]] eq "/job-request") and ([whereis [IP::client_addr] country] ne "TH") } {
drop
} else {
return
}
}
AltocumulusThanks Sanjay for replying.
/"/job-request" is specific path which needs to be restricted. So could you please advise if eq is suffice the needs or shall this change to starts_with ?
- spalande
yes. eq would be okay.
- Jaspreetgurm
I am allowing traffic only TH country, so I believe the action should be allow and else should be drop like below
{
allow
} else { drop
}
}
- spalande
Since your iRule has use "ne" (not equal) operator for checking the Country, it's dropping on first condition. You can modify the operator to check just for TH country using "eq" operator to drop on else condition. Both should be fine.
- Jaspreetgurm
when HTTP_REQUEST {
if { ([string tolower [HTTP::uri]] eq "/job-request") and ([whereis [IP::client_addr] country] ne "TH") } {
drop
} else {
return
log local0. "[IP::remote_addr]"
}
}
is this fine ?
- spalande
yes. you can test it using vpn to select another Country. Also, I would disable logging unless needed for troubleshooting.
