F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Jason_Tan_40947's avatar
Jason_Tan_40947
Icon for Nimbostratus rankNimbostratus
Feb 24, 2010

Covert ServerIron ACL into LTM iRule

Hi,     I am a beginner and need to migrate from ServerIron to F5 LTM. In the ServerIron, it has the following iRule:     (1) ip filter 1 deny 172.30.0.0 255.255.248.0 172.0.0.0 ...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Feb 25, 2010
Hi Jason,

If you want to take the same action for the other hosts/subnets in the ACL, you can add the two other entries to the HTTP_bluecoat_bypass datagroup. Also, you don't need to specify the pool command as any connections which don't match the datagroup will use the VIP's default pool. 

 
 when CLIENT_ACCEPTED { 
  
     Check if client IP is defined in the datagroup 
    if { [matchclass [IP::client_addr] equals HTTP_bluecoat_bypass]} { 
  
        Don't load balance connection--just send it on untranslated to the destination IP 
       forward 
    } 
     Default action is to use VIP's default pool 
 }

Aaron