Forum Discussion

avnishvyas_1974's avatar
avnishvyas_1974
Icon for Nimbostratus rankNimbostratus
Apr 17, 2015
Solved

Custom i-Rule needs further modifcation

Hello Experts

 

This is the scenario of what it is I am trying to achieve. We have URL contains a URI. We want to restrict some of the traffic by discarding requests if they do no match the criteria. This was achieved by the first I-Rule. when RULE_INIT { set static::drop_notallowed 0

 

} when CLIENT_ACCEPTED { if {not [HTTP::uri] starts-with "/services/playIQService/"} log local0. "[HTTP::uri] starts-with "/services/playIQService AND access URI = /restricted-URI/" set static::drop_notallowed 1 } } when HTTP_REQUEST { if {[HTTP::uri] contains "/services/playIQService/"} { pool Pool_CCC_Posterscope } else { discard

 

} }

 

However we are not seeing the desired results from the I-rule and believe this would require further modification. Firstly we would like to log each instance the URI is accessed and doesn't match the criteria for it to discard Secondly we want to forward the traffic that does match the criteria to the server. anything that doesn't match needs to be dropped and logged.

 

I was trying to write this I-rule in addition to the one above but the F5 is not taking this. Can anyone assist with the above iRule

 

  • How about this iRule

    when HTTP_REQUEST { 
        if { [HTTP::uri] contains "/services/playIQService/" } { 
          pool Pool_CCC_Posterscope 
        } else { 
          log local0. "[HTTP::uri] starts-with "/services/playIQService AND access URI = /restricted-URI/" 
          discard
        } 
    }
    

4 Replies

  • How about this iRule

    when HTTP_REQUEST { 
        if { [HTTP::uri] contains "/services/playIQService/" } { 
          pool Pool_CCC_Posterscope 
        } else { 
          log local0. "[HTTP::uri] starts-with "/services/playIQService AND access URI = /restricted-URI/" 
          discard
        } 
    }
    
    • avnishvyas_1974's avatar
      avnishvyas_1974
      Icon for Nimbostratus rankNimbostratus
      Hi Kunjan Thanks for the input and efforts. I have applied this customer iRule to my VIP and now im getting the desired affect. Cheers AV
  • kunjan's avatar
    kunjan
    Icon for Nimbostratus rankNimbostratus

    How about this iRule

    when HTTP_REQUEST { 
        if { [HTTP::uri] contains "/services/playIQService/" } { 
          pool Pool_CCC_Posterscope 
        } else { 
          log local0. "[HTTP::uri] starts-with "/services/playIQService AND access URI = /restricted-URI/" 
          discard
        } 
    }
    
    • avnishvyas_1974's avatar
      avnishvyas_1974
      Icon for Nimbostratus rankNimbostratus
      Hi Kunjan Thanks for the input and efforts. I have applied this customer iRule to my VIP and now im getting the desired affect. Cheers AV