Forum Discussion

Nimbostratus

Jan 27, 2011

Data Group Lists for iRules

Hi everyone,

We need to create an iRule to allow access to a VIP from only a certain list of IP addresses. I can see how to do this by creating an iRule that references an IP Address Data Group. The problem lies in that we have a 20,000 user network and need to restrict the access to 600 individual IP addresses. We can do some summarization but we're still looking at 500 entries into the Data Group.

Does anyone know if you can import a text file or copy and paste somehow into the IP Address Data Group to save entering 500 IP addresses?

Thanks very much in advance.

-Tim

Michael_Yates
Nimbostratus
Mar 14, 2013
Hi Chris,

Reading over this may help: Writing iRules look in the sub-topic "Creating, managing, and using data groups".

Location:An external data group must reside in either the /config or the /var/class directory. The default location for storing external data groups is the /config directory.

As far as your formatting issue I think you must specify what it is in the External Class. If it's a host it automatically appends 255.255.255.255 in the background (you will only see this if you use iControl to pull the class members) and if it's a network it appends the assigned netmask:

host 6.6.16.197 := "host1",

host 6.1.17.133 := "host2",

network 192.168.1.1/24 := "network1",

Forum Discussion

Data Group Lists for iRules

Recent Discussions

F5 Application common issues

Is network access bypassing APM logon pages?

<apm_do_not_touch> in JS file failing</apm_do_not_touch>

Suddenly Can't access Login Box to F5 LTM Via SSH & GUI

LTM + GTM on same box

Related Content

Interrogate Pool Member Priority Group from iRule

iRule: List vs Array

Export ASM IP Address Exceptions List to LTM Data Group List

Welcome to the F5 XC Community User Group

Passing a TCL list to iRules LX