Create iRule condition refers to a set of data (strings)

Question

So I'm creating an iRule on DNS Listener that, when external ip (IP not in 172.16.0.0/12) query specific domain name (such as "abctest.example.com") , stop the query and reply the DNS query by NXDomain. Following scripts works well:
when DNS_REQUEST {
    if  { [DNS::question name] contains "abctest.example.com" &amp;&amp; ![IP::addr [IP::client_addr] equals 172.16.0.0/12]} {
        DNS::header rcode NXDOMAIN
        DNS::return
    }
}

Beyond this, there's more than 1 (actually quite a few) domain name that need to perform such action. i. e. all below domain queried by external IP shall be returned by NXDomain:
"abctest.example.com" "deftest.test.com""abctest.foobar.com""abctest.barfoo.com""exampleabc.foo.com"
I would like to know if there's any efficient method to write such iRule conditions, other than copy the same condition parameters several times.

stanislas_piro2 · Answer

You can search in the list
when DNS_REQUEST {
    set filter_list {"abctest.example.com" "deftest.test.com" "abctest.foobar.com" "abctest.barfoo.com" "exampleabc.foo.com"}
    if  { [lsearch -exact $filter_list [DNS::question name]] ne -1 &amp;&amp; ![IP::addr [IP::client_addr] equals 172.16.0.0/12]} {
        DNS::header rcode NXDOMAIN
        DNS::return
    }
}

Forum Discussion

Create iRule condition refers to a set of data (strings)

Recent Discussions

AS3 Limitations

Unable to install firmware OS and drop at 10%

Statistics ›› Analytics : HTTP : Overview

How to Renew F5 Device Certificate

F5 ASM CEF Sending Logs in Specific TimeZone

Related Content

Create a DevCentral account

Intermediate iRules: Nested Conditionals

Create F5 BIG-IP Next Instance on Proxmox Virtual Environment

create monitor with ? in the send string via TMSH

Leverage F5 BIG-IP APM and Azure AD Conditional Access Easy button

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS